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© A method of transferring data, an electronic document or the like, a system for transferring data, an 
electronic document or the like and a card to be used in accordance with the method. 



© When transferring data, an electronic document 
or the like from a first computer system (100) to a 
second computer system (200) via a data transmis- 
sion line (300), e.g. a public data transmission line, a 
first output and input station (122) comprising a first 
electronic card (124) and a second output and input 
station (222) comprising a second electronic card 
(224) are used. 
J? The data is transferred to the first electronic card 
^(124) from the first computer system (100) via the 
r- first station (122) and is encrypted in the first elec- 
Otronic card (124), whereupon the data is output from 
***the first electronic card (124) in encrypted form and 
<^ transferred via the first station (122) to the first 
O computer system (100) and therefrom to the data 
^transmission line (300). 

O The data is received by the other computer 

CL 
111 



system (200) in encrypted form and is transferred to 
the second electronic card (224) via the second 
station (222), whereupon the data is decrypted in the 
second electronic card (224) and is output from the 
second electronic card via the second station (222) 
to the second computer system (200). As the data 
transfer between the first and the second computer 
system is carried out between the first and the 
second electronic card, no third parties have neither 
authorized nor unauthorized possibility of interfering 
with the data transmission and possibly changing the 
data or the electronic document The first and the 
second electronic card (124, 224) constitute a coher- 
ent set of cards comprising coherent 
encryption/decryption keys input into the internal 
storages of the cards. 



Xerox Copy Centre 




2 



EP 0 402 301 A1 



A METHOD OF TRANSFERRING DATA, AN ELECTRONIC DOCUMENT OR THE LIKE, A SYSTEM FOR 
TRANSFERRING DATA, AN ELECTRONIC DOCUMENT OR THE LIKE AND A CARD TO BE USED IN 

ACCORDANCE WITH THE METHOD 



The present invention relates to a method of 
transferring data, an electronic document or the like 
from a first computer system to a second computer 
system via a data transmission line, e.g. a public 
data transmission line. 

Several techniques and standards are known 
for transferring data, electronic documents or the 
like from a first computer system to a second 
computer system via different data transmission 
lines such as high speed communication lines, 
private or public. data transmission lines, etc. If the 
data transmission line itself is not secured against 
third parties with or without authorization being able 
to tap the data transferred via the data transmission 
line or the electronic document transferred via the 
data transmission line, it is a conventional tech- 
nique to provide an encryption of the data or the 
electronic document in accordance with 
encryption/decryption techniques well-known per 
se, which techniques may comprise either symmet- 
rical or asymmetrical encryption algorithms, secret 
or public keys. In this context reference is only to 
be made to the well-known DES algorithm (Data 
Encryption Standard), developed by IBM in 
cooperation with the National Bureau of Standards 
(NBS), USA As an example of a data/document 
exchange protocol mention is here to be made of 
the data/document exchange protocol -LECAM- de- 
veloped by FRANCE TELECOM in connection with 
the Minitel computers used widely in France, in 
accordance with which the data/document transfer 
may take place in encrypted and not encrypted 
form (further specifications of the protocol are giv- 
en in S.T.U.C.AM - Specification Techniques 
^Utilisation du LECAM, © Decern bre 1987, 
FRANCE TELECOM, Teletel). Such an encrypted 
data transmission presupposes, however, that the 
transmitter and the receiver can agree to establish- 
ing a mutual set of encryption/decryption keys, as 
the parties involved, transmitter and receiver, in- 
variably have to reveal details concerning security 
levels, etc. Such an agreement requires, however, 
that both transmitter and receiver fully trust the 
other party. Even if the two parties, who are to 
make a transfer of data or a transfer of one elec- 
tronic document from a first computer system .to a 
second computer system, can agree to such an 
exchange of encryption/decryption keys for use in 
connection with an encryption/decryption algorithm 
agreed upon, not even such an encrypted data 
transmission ensures that the data sent from the 
first computer system or the electronic document 
sent from the first computer system is received 



correctly by the second computer system, as it will 
be possible to manipulate the data or the electronic 
document in connection with the execution of the 
encryption algorithm in the first computer system, 

5 just as the receiver after decryption can manipulate 
the data or the electronic document Such an en- 
crypted data transmission does not in itself ensure 
that the transfer taking place is the intended or 
desired transfer of the data or the electronic docu- 

10 ment, that the data received by the second com- 
puter system or the electronic document received 
by the second computer system, in the form in 
which the data or the electronic document exists in 
the second computer system after transfer, is iden- 

75 tical to the data sent from the first computer sys- 
tem or the electronic document sent from the first 
computer system. Such an encrypted data trans- 
mission via a public or private data transmission 
line does neither in itself ensure that the two com- 

20 puter systems communicating with each other are 
the correct, intended parties of communication. 

The object of the present invention is to pro- 
vide a method of the type defined above, accord- 
ing to which method it is possible to establish 

25 immediately a secure data or document transfer 
between two computer systems without having to 
exchange encryption/decryption keys between the 
computer systems, reveal details concerning secu- 
rity levels, etc., and according to which method it is 

30 ensured that the desired data or document transfer 
actually takes place, as it is ensured that it will not 
be possible for either of the parties or for a third 
party to interfere with the data or document trans- 
fer. The object of the present invention is thus 

35 more explicitly to provide techniques ensuring that 
at the transfer of data or an electronic document 
from one first computer system to a second com- 
puter system via a data transmission line, e.g. a 
public data transmission line, it is guaranteed that 

AO the data received by the second computer system 
or the electronic document received by the second 
computer system is identical to the data sent from 
the first computer system or the electronic docu- 
ment sent from the first computer system and vice 

45 versa. 

This object is obtained in accordance with the 
invention by means of a method of the type de- 
fined above, which method in accordance with a 
first aspect of the invention is characterized in that 
so for said transfer 

a first station is used for outputting data from and 
inputting data into a first electronic card, said first 
station being connected to and communicating with 
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said first computer system and furthermore being 
connected to said data transmission line via said 
first computer system and interfacing means, and 
a second station is used for outputting data from 
and inputting data into a second electronic card, 
said second station being connected to and com- 
municating with said second computer system and 
furthermore being connected to said data transmis- 
sion line via this second computer system and 
interfacing means, 

said first and second electronic card each compris- 
ing a central data processing unit, an internal stor- 
age means, an input/output gate for communication 
with said corresponding station as well as an 
encryption/decryption means and together consti- 
tuting a coherent set of cards comprising coherent 
encryption and decryption keys input into said in- 
ternal storages of said cards, 
said data or said electronic document being trans- 
ferred to said first electronic card from said first 
computer system via said first station and said 
input/output gate of said first electronic card, being 
input into and being temporarily stored in said 
internal storage of said first electronic card, 
said data or said electronic document being output 
from said internal storage of said first electronic 
card and being encrypted in said first electronic 
card by means of said encryption/decryption 
means of said first electronic card and said encryp- 
tion key(s) stored in said internal storage of said 
first electronic card, 

said data or said electronic document being output 
from said first electronic card in encrypted form via 
said input/output gate of said first electronic card 
and being transferred via said first station to said 
first computer system and being transferred there- 
from via said interfacing means of said first com- 
puter system to said data transmission line, 
said data or said electronic document being re- 
ceived by said second computer system in encryp- 
ted form via said interfacing means of said second 
computer system, being transferred to said second 
electronic card via said second station and via said 
input/output gate of said second electronic card, 
being input into and temporarily stored io said 
internal storage of said second electronic card, 
said data or said electronic document being output 
from said internal storage of said first electronic 
card in encrypted form and being decrypted in said 
second electronic card by means of said 
encryption/decryption means of said second elec- 
tronic card and said decryption key(s) stored in 
said internal storage of said second electronic card, 
and 

said data or said electronic document being output 
after decryption in said second electronic card from 
said second electronic card and output to said 
second computer system via said input/output gate 



of said second electronic card and via said second 
station. 

In accordance with the first aspect of the inven- 
tion, the data or document transfer from the first 

5 computer system to the second computer system 
is established by means of two coherent electronic 
cards, which by themselves ensure the necessary 
data transmission security during data transmission 
in encrypted form, as the use of two coherent 

w electronic cards at the same time relative to both 
transmitter and receiver, guarantees that the data 
output from the second electronic card or the elec- 
tronic document output from the second electronic 
card is identical to the data input into the first 

75 electronic card or the electronic document input 
into the first electronic card. 

As the data transfer between the first and the 
second computer system is carried out between 
the first and the second electronic card, no third 

so parties with or without authorization are able to 
interfere with the data transmission and change the 
data or the electronic document As will be clear, 
this data or document transfer in accordance with 
the teaching of the invention is possible, without 

25 having to make any other modification in the con- 
nection between the first and the second computer 
system than the supplementing (which is char- 
acteristic to the invention) of both the first and the 
second computer system with associated input and 

30 output stations, which are used for input and output 
of data in the respective electronic cards belonging 
to the coherent set of cards. Such coherent set of 
cards can be issued immediately, hired out or sold 
by a neutral and outside card issuer, who thus 

35 without neither transmitter or receiver having to 
provide information about data transmission secrets 
such as encryption algorithms, security levels, etc., 
can enable the transmitter and the receiver to 
transfer data or electronic documents between the 

40 corresponding computer systems without any risk 
that the data received by the receiver or the elec- 
tronic document received by the receiver is not 
identical to the data sent by the transmitter or the 
electronic document sent by the transmitter. 

45 In accordance with the present invention it is 
furthermore possible to ensure that the transfer 
takes place between computer systems, the au- 
thenticity of which is verified relative to one an- 
other, as a verification of the authenticity of the first 

so electronic card relative to the second electronic 
card and vice versa is preferably made prior to the 
transfer of the data or the electronic document 
from the first computer system to the second com- 
puter system. 

55 In accordance with the method according to 
the invention it is furthermore possible to verify that 
the data or document transfer is correct, i.e. to 
verify that the data received by the receiver or the 
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second computer system or the electronic docu- 
ment received by the receiver or the second com- 
puter system is identical to the data sent from the 
first computer system or the electronic document 
sent from the first computer system, as in accor- 
dance with the invention a verification of the integ- 
rity of the data or document transfer is preferably 
made at the transfer of the data or the electronic 
document from the first computer system to the 
second computer system. 

The utilization of a coherent set of electronic 
cards which is characteristic of the invention, via 
which the data and document transfer takes place, 
makes it possible for the data or document transfer 
to proceed completely autonomously without any 
possibility of interference or corrupting from neither 
the computer systems involved persons, including 
operators, who with or without authorization try to 
change the data or the electronic document being 
transferred, as in accordance with the method of 
the invention, the inputting into, the outputting from, 
the encryption and the decryption and possibly the 
authenticity and integrity verification are preferably 
controlled autonomously by the central data pro- 
cessing unit of the individual card. 

In accordance with a special aspect of the 
present invention, the actual transfer of the data or 
the electronic document between the first and the 
second computer system is preferably made in 
accordance with the above-mentioned LECAM pro- 
tocol either in encrypted or decrypted form. 

According to a first embodiment of the above 
described authenticity verification it is preferred 
that 

a first set of data being generated in said first 
electronic card, said set of data being input into 
and stored In said internal storage of said first 
electronic card and being encrypted in said first 
electronic card by means of said 
encryption/decryption means of said first electronic 
card and said encryption key(s) stored in said 
internal storage of said first electronic card, 
said first set of data being output from said first 
electronic card in encrypted form via said 
input/output gate of said first electronic card, being 
transferred via said first station to said first com- 
puter system and being transferred therefrom via 
said interfacing means of said first computer sys- 
tem to said data transmission line, 
said first set of data being received by said second 
computer system in encrypted form via said inter- 
facing means of said second computer system, 
'being transferred to said second electronic card via 
said second station and via said input/output gate 
of said second electronic card being input into and 
temporarily stored in said internal storage of said 
second electronic card, 

said first set of data received by said second 



computer system in encrypted form being output 
from said internal storage of said second electronic 
card and being decrypted in said second electronic 
card by means of said encryption/decryption 

5 means of said second electronic card and said 
decryption key(s) stored in said internal storage of 
said second electronic card, 
said first set of data received by said second 
computer system in encrypted form and decrypted 

io in said second electronic card being input into and 
stored in said internal storage of said second elec- 
tronic card, 

a second set of data being generated in said sec- 
ond electronic card, said second set of data being 
75 input into and stored in said internal storage of said 
second electronic card, 

a first combination of said first set of data received 
by said second computer system in encrypted 
form, decrypted and stored in said internal storage 

20 of said second electronic card and said second set 
of data stored in said internal storage of said sec- 
ond electronic card being generated in said second 
electronic card, said first combination being input 
into and stored in said internal storage of said 

25 second electronic card, 

said first combination being encrypted in said sec- 
ond electronic card by means of said 
encryption/decryption means of said second elec- 
tronic card and said encryption key(s) stored in 

so said internal storage of said second electronic card, 
said first combination being output from said sec- 
ond electronic card in encrypted form via said 
input/output gate of said second electronic card, 
being transferred via said second station to said 

35 second computer system and being transferred 
therefrom via said interfacing means of said sec- 
ond computer system to said data transmission 
line, 

said first combination being received by said first 
40 computer system in encrypted form via said inter- 
facing means of said first computer system, being 
transferred to said first electronic card via said first 
station and via said input/output gate of said first 
electronic card, being input into and temporarily 
45 stored in said internal storage of said first elec- 
tronic card, 

said first combination received by said first com- 
puter system in encrypted form being output from 
said internal storage of said first electronic card 

so and being decrypted in said first electronic card by 
means of encryption/decryption means of said first 
electronic card and said decryption key(s) stored in 
said internal storage of said first electronic card, 
said first combination received by said first com- 

65 puter system in encrypted form and decrypted in 
said first electronic card being input into and stored 
in said interna) storage of said first electronic card, 
said first combination stored in said internal storage 
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of said first electronic card being decombined for 
producing a first set of data retransmitted to said 
first electronic card and a second set of data trans- 
ferred to said first electronic card, 
said first set of data retransmitted to said first 
electronic card and said second set of data trans- 
ferred to said first electronic card being input into 
and stored in said internal storage of said first 
electronic card, 

said first set of data stored in said interna) storage 
of said first electronic card being compared to said 
first set of data retransmitted to said first electronic 
card and stored in said internal storage of said first 
electronic card for verification of identity between 
these sets of data for verification of the authenticity 
of said second electronic card relative to said first 
electronic card, 

a third set of data being generated in said first 
electronic card, said third set of data being input 
into and stored in said internal storage of said first 
electronic card, 

a second combination of said second set of data 
received in encrypted form by said first computer 
system, decrypted and stored in said internal stor- 
age of said first electronic card and said third set of 
data stored in said internal storage of said first 
electronic card being generated in said first elec- 
tronic card, said second combination being input 
into and stored in said internal storage of said first 
electronic card, 

said second combination being encrypted in said 
first electronic card by means of said 
encryption/decryption means of said first electronic 
card and said encryption key(s) stored in said 
internal storage of said first electronic card, 
said second combination being output from said 
first electronic card in encrypted form via said 
input/output gate of said first electronic card, being 
transferred via said first station to said first com- 
puter system and being transferred therefrom via 
said inter facing means of said first computer sys- 
tem to said data transmission line, 
said second combination being received by said 
second computer system in encrypted form via 
said interfacing means of said second computer 
system, being transferred to said second electronic 
card via said second station and via said 
input/output gate of said second electronic card, 
being input into and temporarily stored in said 
internal storage of said second electronic card, 
said second combination received by said second 
computer system in encrypted form being output 
from said internal storage of said second electronic 
card and being decrypted in said second electronic 
card by means of said encryption/decryption 
means of said second electronic card and said 
decryption key(s) stored in said internal storage of 
said second electronic card. 



said second combination received by said second 
computer system in encrypted form and decrypted 
being input into and stored in said internal storage 
of said second electronic card, 

5 said second combination stored in said internal 
storage of said second electronic card being de- 
combined for producing a second set of data re- 
transmitted to said second electronic card and third 
set of data transferred to said second electronic 

70 card, 

said second set of data retransmitted to said sec- 
ond electronic card and said third set of data 
transferred to said second electronic card being 
input into and stored in said internal storage of said 

f5 second electronic card, and 

said second set of data stored in said internal 
storage of said second electronic card being com- 
pared to second set of data retransmitted to said 
second electronic card and stored in said internal 

20 storage of said second electronic card for verifica- 
tion of identity between these sets of data for 
verification of the authenticity of said first electronic 
card relative to said second electronic card. 
. In this authenticity verification the first, the sec- 

25 ond and the third set of data serve in a unique and 
. logical way relative to the first and the second 
electronic card to verify that the transfer of data or 
the electronic document has taken place correctly 
and thus that the data or the electronic document 

30 which is received by the second electronic card, is 
identical to the data sent by the first electronic card 
or the electronic document sent by the first elec- 
tronic card and further to ensure that the transmit- 
ter and the receiver are authorized transmitter and 

35 received, respectively, and also that the transmitter 
and receiver are what they pretend to be. 

According to a first embodiment of the inven- 
tion the integrity verification is made by 
a compacted version of said data or said electronic 

40 document being generated in said first computer 
system or said first electronic card, said com- 
pacted version being input into and stored in said 
internal storage of said first electronic card, 
a compacted version of said data transferred to 

45 said second computer system or of said electronic 
document transferred to said second computer 
system being generated in said second computer 
system or in said second electronic card, said 
compacted version being input into and stored in 

50 said internal storage of said second electronic card, 
said compacted version stored in said internal stor- 
age of said first electronic card being output from 
said internal storage of said first electronic card 
and encrypted in said first electronic card by 

55 means of said encryption/decryption means of said 
first electronic card and said encryption key(s) 
stored in said internal storage of said first elec- 
tronic card, 
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said compacted data or document version encryp- 
ted by said encryption/decryption means of said 
first electronic card being output from said first 
electronic card via said input/output gate of said 
first electronic card, being transferred via said first 
station to said first computer system and being 
transferred therefrom via said interfacing means of 
said first computer system to said data transmis- 
sion line, 

said encrypted and compacted data or document 
version transferred from said first computer system 
being received by said second computer system 
via said interfacing means of said second computer 
system, being transferred to said second electronic 
card via said second station and via said 
input/output gate of said second electronic card, 
being input into and temporarily stored in said 
internal storage of said second electronic card, 
said compacted data or document version received 
by said second computer system in encrypted 
form being output from said internal storage of said 
second electronic card and being decrypted in said 
second electronic card by means of said 
encryption/decryption means of said second elec- 
tronic card and said decryption key(s) stored in 
said internal storage of said second electronic card, 
said decrypted, compacted data or document ver- 
sion received by said second computer system in 
encrypted form and decrypted by said second 
electronic card being input into and stored in said 
internal storage of said second electronic card, 
a comparison of said compacted data or document 
version stored in said second electronic card and 
said decrypted, compacted data or document ver- 
sion received by said second computer system in 
encrypted form and decrypted being made in said 
second electronic card for verification of the integ- 
rity of or identity between said data transferred 
from said first computer system and said data 
received by said second computer system or of 
the integrity of or identity between said electronic 
document transferred from said first computer sys- 
tem and said electronic document received by said 
second computer system. 

According to a further and alternative embodb 
ment of the invention the integrity verification is 
made by 

a compacted version of said data or said electronic 
document being generated in said first computer 
system or in said first electronic card, said com- 
pacted version being input into and stored in said 
internal storage of said first electronic card, 
a compacted version of said data transferred to 
said second computer system or said electronic 
document transferred to said second computer 
system being generated in said second computer 
system or in said second electronic card, said 
compacted version being input into and stored in 



said internal storage of said second electronic card, 
said compacted version stored in said internal stor- 
age of said second electronic card being output 
from said internal storage of said second electronic 

5 card and encrypted in said second electronic card 
by means of said encryption/decryption means of 
said second electronic card or said encryption key- 
(s) stored in said internal storage of said second 
electronic card, 

10 said compacted data or document version encryp- 
ted by said encryption/decryption means of said 
second electronic card being output from said sec- 
ond electronic card via said input/output gate of 
said second electronic card, being transferred via 

75 said second station to said second computer sys- 
tem and being transferred therefrom via said inter- 
facing means of said second computer system to 
said data transmission line, 
said encrypted and compacted data or document 

20 version transferred from said second computer 
system being received by said first computer sys- 
tem via said interfacing means of said first com- 
puter system, being transferred to said first elec- 
tronic card via said first station and via said 

25 input/output gate of said first electronic card, being 
input into and temporarily stored in said internal 
storage of said first electronic card, 
said compacted data or document version received 
by said first computer system in encrypted form 

30 being output from said internal storage of said first 
electronic card and being decrypted in said first 
electronic card by means of said 
encryption/decryption means of said first electronic 
card and said decryption key(s) stored In said 

35 internal storage of said first electronic card, 

said decrypted, compacted data or document ver- 
sion received by said first computer system in 
encrypted form and decrypted by said first elec- 
tronic card being input into and stored in said 

40 internal storage of said first electronic card, 

a comparison of said compacted data or document 
version stored in said first electronic card and said 
decrypted, compacted data or document version 
received by said first computer system in encryp- 

45 ted form and decrypted being made in said first 
electronic card for verification of the integrity of or 
identity between said data transferred from said 
first computer system and said data received by 
said second computer system or of the integrity of 

50 or identity between said electronic document trans- 
ferred from said first computer system and said 
electronic document received by said second com- 
puter system. 

In accordance with the presently preferred em- 

55 bodiment, the integrity verification is, however, 
made by transferring a compacted data or docu- 
ment version from the first electronic card to the 
second electronic card as well as from the second 
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electronic card to the first electronic card and com- 
paring both transferred, compacted data or docu- 
ment versions to stored, compacted data or docu- 
ment versions in the two electronic cards. 

According to alternative embodiments of the 
method according to the invention, said alternative 
embodiments constituting combinations of the au- 
thenticity and integrity verifications, said transfer of 
said compacted data or document version gen- 
erated in said first computer system or in said first 
electronic card from said first electronic card to 
said second electronic card is made simultaneous- 
ly with said transfer of said data or said electronic 
document itself, said data or electronic document 
and said compacted data or document version be- 
ing combined and encrypted as a whole before 
said transfer, or alternatively said transfer of said 
compacted data or document version generated in 
said second computer system or in said second 
electronic card from said second electronic card to 
said first electronic card is made simultaneously 
with a retransmission of said data or said electronic 
document received from said first electronic card 
from said second electronic card to said first elec- 
tronic card, said data or electronic document to be 
retransmitted and said compacted data or docu- 
ment version being combined and encrypted as a 
whole before said transfer. 

According to a combination of these alternative 
integrity and authenticity verifications, a simulta- 
neous retransmission of said compacted data or 
document version received by said second elec- 
tronic card and generated in said first computer 
system or in said first electronic card is made at 
said transfer of said compacted data or document 
version generated in said second computer system 
or in said second electronic card and said retrans- 
mission of said data or said electronic document 
from said second electronic card, both compacted 
data or document versions and said data or said 
electronic document to be retransmitted being 
combined and encrypted as a whole before said 
transfer. 

The above stated objects are alternatively ob- 
tained in accordance with the invention by a meth- 
od of the type defined above, which method in 
accordance with a second aspect of the invention 
is characterized in that 
for said transfer 

a first station is used, which is secured against 
illegal entry, he. a so-called "tamper-proof" station, 
for outputting data from and inputting data into 
a first card, said first station being connected to 
and communicating with said first computer system 
and furthermore being connected to said data 
transmission line via said first computer system 
and interfacing means, and said first station having 
a centra] processing unit, an internal storage, an 



input/output means for outputting data from and 
inputting data into said first card as well as an 
encryption/decryption means, and 
a second station is used, which is secured against 

5 illegal entry, i.e. a so-called "tamper-proof" station, 
for outputting data from and inputting data into a 
second card, said second station being connected 
to and communicating with said second computer 
system and furthermore being connected to said 

10 data transmission line via said second computer 
system and interfacing means, and said second 
station having a central data processing unit an 
internal storage, an input/output means for output- 
ting data from and inputting data into said first card 

75 as well as an encryption/decryption means 

said first and second card constituting a coherent 
set of cards comprising coherent data input into 
said cards concerning said coherent 
encryption/decryption keys stored in said internal 

20 storages of said corresponding stations. 

said data or said electronic document being trans- 
ferred to said first station and being input into and 
temporarily stored in said internal storage of said 
first station, 

25 said data or said electronic document being output 
from said internal storage of said first station and 
being encrypted in said first station by means of 
said encryption/decryption means of said first sta- 
tion and said encryption key(s) stored in said inter- 

30 nal storage of said first station. 

said data or said electronic document being output 
from said first station to said first computer system 
in encrypted form and therefrom via said interfac- 
ing means of said first computer system to said 

35 data transmission line, 

said data or said electronic document being re- 
ceived by said second computer system in encryp- 
ted form via said interfacing means of said second 
computer system, being transferred to said second 

40 station, being input into and temporarily stored in 
said internal storage of said second station, 
said data or said electronic document received in 
encrypted form being decrypted in said second 
station by means of said encryption/decryption 

45 means of said second station and said decryption 
icey(s) stored in said internal storage of said sec- 
ond station, and 

said data or said electronic document in said sec- 
ond station being output from said second station 

50 after decryption to said second computer system. 

This alternative method according to the sec- 
ond aspect of the invention is preferably in accor- 
dance with advantageous .embodiments of the 
method implemented in accordance with the above 

55 stated embodiments of the method according to 
the first aspect of the present invention. 

The present invention furthermore relates to a 
system for transferring data, an electronic docu- 
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ment or the like from a first computer system to a 
second computer System, said second computer 
system being autonomous in relation to said first 
computer system, via a data transmission line, e.g. 
a public data transmission line, in accordance with 
the method according to the first aspect of the 
invention, which system in accordance with the 
invention is characterized in that it comprises the 
first station and the second station, which are con- 
nected to and communicate with the first and the 
second computer system, respectively, and which 
furthermore via the first and the second computer 
system, respectively, and the corresponding inter- 
facing means are connected to the data transmis- 
sion line, as well as the first and the second 
electronic card, which constitute a coherent set of 
cards comprising the coherent 
encryption/decryption keys input into the internal 
storages of the cards. The coherent set of cards 
used in this system according to the invention 
preferably comprises cards of the type DES Smart 
Card (Philips), Super Smart Card (Bull) or CP8 
Smart Card (Bull) or at least a card implemented 
on a printed circuit card, a thick-film substrate, a 
thin-film module, etc. * 

The present invention furthermore relates to a 
system for transferring data, an electronic docu- 
ment or the like from a first computer system to a 
second computer system, said second computer 
system being autonomous relative to said first 
computer system, via a data transmission line, e.g. 
a public data transmission line, said system being 
characterized in that it comprises said first station 
and said second station, which are connected to 
and communicate with said first and said second 
computer system, respectively, and which further- 
more via said first and said second computer sys- 
tem, respectively, and corresponding interfacing 
means are connected to said data transmission 
line, as well as said first and said second card, 
which constitute a coherent set of cards comprising 
said coherent data input into said cards concerning 
said coherent encryption/decryption keys stored in 
said internal storages of said corresponding sta- 
tions. The coherent set of data, which is used 
according to the system and the method according 
to the second aspect of the invention can be a 
magnetic card as well as an electronic card which 
again can be of above-mentioned type. In accor- 
dance with this aspect of the invention, any other 
medium can furthermore be used. 

The present invention furthermore relates to an 
electronic card comprising a central data process- 
ing unit, an internal storage, an input/output gate 
for communication with a associated station for 
outputb'ng data from and inputting data into the 
electronic card as well as an encryption/decryption 
means, which card according to the invention con- 



stituting a first electronic card of a coherent set of 
cards comprising the first electronic card and a 
second electronic card, which electronic cards 
have coherent encryption/decryption keys and are 

s designed to be used in accordance with a method 
according to the first aspect of the invention. 

The encryption made according to the inven- 
tion can be made according to arbitrary known 
technique and comprise symmetrical or asymmet- 

70 rical encryption/decryption algorithms such as DES 
algorithms, RSA algorithms or the like. The 
encryption/decryption algorithms can furthermore 
be combined. 

The invention will now be further described 

is with reference to the drawing, 
in which 

Fig. 1 shows a system according to* the 
invention comprising a first computer system and a 
second computer system communicating with each 
20 other via a data transmission line for carrying out 
the method according to the invention, 

fig. 2 schematically shows the structure of 
the software of the system shown in fig. 1, 

fig. 3 schematically shows a system accord- 
25 ing to the invention comprising two computer sys- 
tems communicating with each other via a data 
transmission line, and furthermore a mini computer, 

fig. 4 schematically shows an enlarged sys- 
tem comprising three computer systems, which 
30 according to the teaching of the invention commu- 
nicate with each other via a data transmission line, 
and one of which furthermore communicates with 
two terminals or Minitels via appropriate interfacing 
means and the data transmission line, 
35 fig. 5 shows a block diagram of an authentic- 

ity verification, and 

fig. 6 shows a block diagram of an integrity 
verification. 

In fig. 1, a system according to the invention 

40 for carrying out the method according to the inven- 
tion is shown schematically, which system com- 
prises two autonomous computer systems, a first 
computer system shown in the left-hand part of fig. 
1 and designated the reference numeral 100 in its 

45 entirety, and a second computer system shown in 
the right-hand part of fig. 1 and designated the 
reference numeral 200 in its entirety. The two com- 
puter systems 100 and 200 are shown schemati- 
cally comprising the same types of elements, 

50 which for the two computer systems are indicated 
by the same two last digits of the reference nu- 
merals, the reference numerals for elements be- 
longing to the first computer system 100 beginning 
with the digit 1 and the reference numerals for 

55 elements belonging to the second computer sys- 
tem 200 beginning with the digit 2. The two com- 
puter systems 100 and 200 thus each comprises 
an "inhouse" main computer, 102, 202, respec- 
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tively. These main computers 102 and 202 commu- 
nicate via data lines 104, 204 with terminals or 
personal computers (PC's) 106, 206, which each 
comprises a keyboard 108, 208, a computer sec- 
tion 110, 210 and a computer screen 112, 212. The 
terminals or the PC's 106, 206 furthermore commu- 
nicate with the associated diskette stations or op- 
tical disc store 114, 214 as well as hard disks 116, 
216 with associated back-up diskette stations or 
optical disc store 118, 218. The terminals or the 
PC's 106, 206 are furthermore via respective data 
transmission lines 120, 220 connected to respec- 
tive stations 122, 222 for input and output of data in 
respective electronic cards or chip cards, so-called 
Smart Cards, which are indicated by the reference 
numerals 124, 224. 

Together with the associated peripheral equip- 
ment comprising the diskette stations or optical 
disc store 114, 214, the hard disks 116, 216, the 
back-up diskette stations or optical disc store 118, 
218, the associated stations 122, 222 as well the 
associated electronic cards 124, 224, the terminals 
or the PC's 106, 206 are contained in the blocks 
126, 226 indicated by dotted lines. 

The task or object of the invention is to provide 
a possibility of transferring data from the first com- 
puter system to the second computer system, by 
which data transfer it is ensured that the data sent 
is identical to the data intended to be sent that the 
data received is identical to the data sent, and 
preferably furthermore that the transfer only takes 
place between parties specifically intended to send 
and receive data, that receipt of the data is ac- 
knowledged by the receiver and furthermore that 
receipt of the receiver's acknowledgement is ac- 
knowledged by the sender relative to the receiver. 
In the following description, the data transfer is 
meant to take place from the first computer system 
100 to the second computer system 200, but it is 
of course clear that the data transfer can also take 
place in the opposite direction. According to the 
invention the data transfer can furthermore consist 
m an exchange of data between the two computer 
systems, i.e. comprise a transfer of data from the 
first computer system 100 to the second computer 
system 200 and transfer of data from the second 
computer system 200 to the first computer system 
100. Neither of the respective sides of the two 
computer systems 100 and 200 has any knowledge 
of security levels, transmission protocols, 
encryption/decryption algorithms etc. of the other 
computer system. Via interfacing means contained 
in the associated terminals or PC's 106, 206 and 
the associated data transmission lines 128, 228, 
the two computer systems 100 and 200 are con- 
nected to a public data transmission network, which 
is collectively Indicated by the reference numeral 
300. Instead of a public data transmission network. 



e.g. an X25 data network, the data transmission 
network 300 can be a private network or comprise 
combinations of public and private computer net- 
works and furthermore via associated modems 
5 (modulators/demodulators) be connected to e.g. 
telephone lines or other signal or transmission 
lines. 

In order to ensure that the above stated re- 
quirements for data transfer are met, the data 

to transfer is made by the data to be transferred from 
the computer system 100 to the computer system 
200 first being output from the main computer 102 
of the computer system 100 to the terminal or the 
PC 106 and being transferred to the station 122. 

75 From the station 122 the data is transferred to the 
electronic card 124 via the input/output gate of this 
card, whereupon the data is processed exclusively 
by the electronic card 124. Similar to the card 224, 
the card 124 has in addition to the above-men- 

20 tioned input/output gate, a central processing unit 
or CPU, an internal storage, an 
encryption/decryption block which controlled by the 
internal central processing unit of the card is able 
to encrypt and decrypt the data by outputting data 

25 from the card or by inputting data into the card, 
respectively, by use of one or more 
encryption/decryption keys input into the card in 
advance, as will be described in greater detail 
below in a detailed system/software description. 

30 For the transfer of data between the cards, the 
cards 124, 224 have been issued together and 
constitute a coherent set of cards being preprog- 
rammed as regards encryption/decryption algo- 
rithms and keys in such a way that the cards are 

35 able to communicate with each other and decrypt 
data transferred from the first card to the second 
card and vice versa 

In the electronic card 124, an encryption of the 
data input is then made, the encrypted data is 

40 transferred via the station 122, the data transmis- 
sion line 120. the terminal or the PC 106, the 
associated interfacing means and the data trans- 
mission line 128 to the data transmission network 
300, from which the data via the data transmission 

45 line 228, the interfacing means of the terminal or 
the PC' 206, the terminal or the PC 206, the data 
transmission line 220 and the station 222 is trans- 
ferred to the electronic card 224, in which the data 
is decrypted by means of the 

so encryption/decryption key(s) stored in the card cor- 
responding to the encryption/decryption keys of the 
card 124. After decryption of the data in the card 
224 the data can be output in clear text from the 
electronic card 224 to the station 222 and be 

55 transferred via the data transmission line 220, the 
terminal or the PC 206 and the data transmission 
line 204 to the main computer 202. As the data 
transfer from the first computer system 100 to the 
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second computer system 200 only takes place 
between the two electronic cards 124 and 224 it is 
ensured that the data version output from the elec- 
tronic card 224 is identical to the data version input 
into the electronic card 124. Hereby it Is ensured 
that the data transferred to the second computer 
system 200 is identical to data intended to be sent 
from the first computer system 100, and seen from 
the point of view of the first computer 100 it is also 
ensured that the data version which the computer 
system 200 has received is identical to the data 
which was initially sent from the first computer 
system 100. 

In the below system description it will further- 
more be explained how an authenticity verification 
between the two electronic cards 124, 224 is made 
prior to the actual transfer and furthermore how 
acknowledgements containing compacted data ver- 
sions are signed for integrity verification, which 
acknowledgements are transferred between receiv- 
er and sender, i.e. between the card 224 and. the 
card 124. 

In fig. 2 the software design of the main com- 
puters 102, 202 of the computer systems 100 and 
200 and the terminals or PC's 106, 206 is shown 
schematically. It is to be realized that the software 
design is only intended to be illustrative and ex- 
planatory and in no way to be construed limiting 
the scope as defined in the appended claims. Each 
main software comprises an "inhouse" software 
130, 230, a communications protocol 132, 232 for 
transfer of data to the associated terminal or PC 
106, 206 via the data transmission lines 104, 204 
(e.g. an asynchronous RS 232 communications 
protocol), two software converter or compiler 
blocks 134, 234 and 136, 236 for conversion or 
compiling from "inhouse 1 * format to the transmis- 
sion protocol determined by the block 132, 232 
and from the transmission protocol determined by 
the block 132, 232 to "inhouse" format respec- 
tively. The main computer software 102, 202 may 
further comprise a further block 138, 238, a so- 
called Edifact software, which will be described 
below. 

The terminals or the PC's 106, 206 contain the 
following software blocks: a communications pro- 
toco! 140, 240 for communication with the main 
computer 102, 202 via the data transmission line 
104, 204, an internal central software 142, 242 
controlling the functions of the terminal or the PC 
in question, a converter or compiler software 144, 
244 corresponding to the software block 138, 238 
of the main computer 102, 202, a communications 
protocol 146, 246, e.g. an X25 protocol, which 
protocols constitute the interfacing means of the 
terminal or the PC to the associated data transmis- 
sion line 128, 228, a software block 148, 248 for 
communication with the associated peripheral 



equipment of the terminals or the PC's such as the 
diskette stations and hard disks 114, 214 and 116, 
216 shown in fig. 1, a software block 150, 250 
containing information regarding e.g. "black lists" 

5 etc. and finally a software block 152, 252 for com- 
munication with the associated station 122, 222. 
The PC program may further comprise a block 
corresponding to the blocks 138 and 238 dis- 
cussed above and comprising Edifact software. 

io It is to be noted that the data transfer compris- 
ing authenticity/integrity verification etc., which is 
characteristic of the invention, can be implemented 
with an integrated circuit card constituting a com- 
bination of a station and an electronic card such as 

75 a combination of the station 122 and the card 124 
or of the station 222 and the card 224. Such 
printed circuit cards are shown in the lower part of 
fig. 2 and designated the reference numerals 160 
and 260, respectively. The printed circuit card 160, 

20 260 thus constitutes a complementary card relative 
to the second printed circuit card or relative to an 
electronic card for use in connection with an asso- 
ciated station. Thus the printed circuit card 160 can 
be a circuit card complementary to the printed 

25 circuit card 260 or a card complementary to the 
electronic card 224. Correspondingly the printed 
circuit card 260 can be a card complementary to 
the electronic card 124 or a card complementary to 
the printer circuit card 160. 

30 In a further alternative embodiment of the in- 
vention the above described data transfer from the 
electronic card 124 to the electronic card 224 can 
be established between corresponding security 
modules 170, 270, which are shown in the lower 

35 part of fig. 2. These security modules or security 
terminals constitute so-called "tamper-proof" sta- 
tions, i.e. stations which due to their special phys- 
ical design make it impossible to open the system 
and thus reveal material as well as software. Simi- 

40 lar to the electronic cards 124, 224, these security 
modules contain an input/output gate, a central 
processing unit, internal storages and 
encryption/decryption blocks. In contrast to the 
electronic cards 124, 224 and the printed circuit 

45 cards 160, 260 integrating stations and cards, the 
interna) storages of the security modules can con- 
tain more encryption/decryption keys, which are 
addressed to a given data transfer by means of a 
card, e.g. an electronic card or a magnetic card, 

60 which similar to the electronic cards 124, 224 and 
printer circuit card 160, 260 integrating stations and 
electronic cards are issued by a card issuer, who 
corresponding to the electronic card or magnetic 
card in question issues a corresponding magnetic 

55 card or an electronic card or a printed circuit card 
for use at data transfer from a security module 
addressed by the magnetic card in question to a 
security module addressed by an associated elec- 
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Ironic card and finally to a printed circuit card or 
vice versa. 

In fig. 3, a system which is enlarged as com- 
pared to the system shown in fig. 1 is shown 
schematically, and which in addition to the two 
computer systems 100 and 200 comprises a mini 
computer which is designated the reference nu- 
meral 306 in its entirety and has a keyboard 308, a 
central processing unit 310 and a computer screen 
312. The mini computer system 306 can further- 
more comprise peripheral equipment such as a 
diskette station or a tape station, a printer, etc. 
Such peripheral equipment is not shown in fig. 3. 
For transfer of data to one of the computer sys- 
tems 100 or 200 or for reception of data from one 
of these computer systems in accordance with the 
teaching of the invention, the mini computer sys- 
tem 306 is connected to a station 322, correspond- 
ing to the stations 122, 222 shown in figs. 1, 2 and 
3, via a data transmission line 320 corresponding to 
the data transmission lines 120 and 220 shown in 
fig. 1. Via a data transmission line 328 correspond- 
ing to the data transmission fines 128, 228 via an 
interfacing means contained in the central data 
processing unit 310 of the mini computer system 
and furthermore possibly via a modem, which is 
not shown in fig. 3, the mini computer system 306 
is connected to a public telephone network 330. 
The public telephone network 330 is via a modem, 
which is neither shown in fig. 3, and a data trans- 
mission line 332 connected to a converter 346 
containing converter or compiler sub-blocks 334, 
336 corresponding to the software blocks 134, 234 
and 136, 236 shown in fig. 2 and which via a data 
transmission line 338 is connected to the network 
300. 

By means of two coherent cards one of which 
is received in the station 322, and another one of 
which is received in the station 122 or 222 of the 
computer 100 or 200 respectively, it is possible in 
accordance with the teaching of the invention pos- 
sible to transfer data to and from the mini computer 
system 306 from and to the computer system in 
question, respectively, the associated card station 
of which computer system has received an elec- 
tronic card, not shown, corresponding to the elec- 
tronic card received in the card station 322. Similar 
to the mini computer system 306, the computer 
system with which the mini computer is commu- 
nicating can have its electronic card integrated with 
the corresponding station in a printed circuit card, 
similar to the printed circuit cards shown in fig. 2 
and designated the reference numerals 160, 260 
belonging to the computer systems 100, 200, or 
have a security module or security terminal which 
is addressable by means of an electronic card or a 
magnetic card as explained above. 

In fig. 4 an alternative computer system con- 



figuration is shown which in addition to the above 
described computer system comprising the first 
computer system 100 and the second computer 
system 200 which are interconnected via the net- 

5 work 300, includes a number of mini computer 
systems, in the present case two mini computer 
systems 406 which are preferably so-called Minitet 
computers, communicating with an associated host 
which is shown in the upper central part of fig. 4 

w and designated the reference numeral 400 in its 
entirety, and which constitutes a computer system. 
The mini computer systems 406 and the host 400 
constitute a so-called videotex system which will 
be ex plained in greater detail below in the 

75 system/software description. The communication 
between the Minitel computers 406 and the host 
400 is preferably made in accordance with the 
LECAM protocol developed by FRANCE TELEC- 
OM. The computer system 400 constitutes a com- 

20 puter system corresponding to one of the computer 
system 100, 200, and between the computer sys- 
tem 400 and one of the computer systems 100, 
200 data can be transferred both ways in the above 
described manner by means of two coherent cards, 

25 especially two coherent electronic cards. Thus the 
computer system 400 is basically of a structure 
equivalent to the structure of the computer systems 
100, 200 and comprises a central processing unit 
402, which is connected to a communications block 

30 426 corresponding to the blocks 126, 226 via a 
data transmission line 404, which block 426 is 
connected to the network 300 via a data transmis- 
sion line 428 corresponding to the data transmis- 
sion lines 128, 228. The computer system 400 

35 furthermore comprises a hard disk 460 or disc 
store, a computer screen 462 and a card reader 
464. The card reader 464 is adopted to receive an 
electronic card of the above described kind, espe- 
cially a so-called smart card, at transfer of data to 

40 and from the Minitel computer 406, as will be 
explained in greater detail below in the 
system/software description. The card reader or the 
station 464 on the other hand has no connection to 
the external computer systems 100, 200, as the 

45 data transfer between the computer system 400 
and one of the computer systems 100, 200 is 
controlled by the communication block 426 in the 
above described way. The individual Minitel com- 
puters 406 has a keyboard 408, a computer screen 

so 412 and a card reader 422, which like the card 
reader 464 is adopted to receive an electronic 
card, which makes it possible to transfer data to 
and from the Minitel computer 406 from and to the 
computer system 400, respectively. The connec- 

55 tion from the individual Minitel computer 406 to the 
computer system 400 is established via a data 
transmission line 428 connecting the individual 
Minitel computer 406 to a public telephone network 
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430 by means of appropriate modem units, a con- 
nection from the public telephone network 430 to 
the computer system 400 being established via a 
first data transmission line 432, a converter or 
compiler 446 and a second data transmission line 
438. 

The Minitel computers shown in fig. 4 first of 
all serve the purpose of distributing electronic doc- 
ument "mail" internally within the Minitel system 
belonging to the computer system 400, as data or 
document transfer is made from the individual 
Minitel computer 406 via the public telephone net- 
work 430 and the network 300 by means of an 
electronic card issued by the institution which runs 
the computer system 400 to the station 464 of the 
computer system 400. The computer system 
shown in fig. 4 furthermore provides the possibility 
of transferring data or documents from the individ- 
ual Minitel computer 406 to the computer system 
400, from which system data or documents can be 
transferred again to a second computer system, 
e.g. the computer system 100 or the computer 
system 200 via the data transfer block 426 with 
associated electronic cards, in accordance with the 
above described data transfer. 



EXAMPLE 

A computer system of the type shown in fig- 
ures 1 and 2 was implemented with: 
Personal Computer 
AT 10 MHz with 640 kbytes storage, 
40 Mbyte hard disk, 2 serial RS232 gates, Danish 
keyboard, black/white screen including adapter. 
Type: Philips P3204. 
The following software was used: 
MS-DOS operating system version 3.3. 
Type: Microsoft 

RTOS Real Time Operating System version 4.00. 

Type: Dansk Informations Teknologi 

X.25 Communication card - 16 gates: 

Type: Stollmann SICOPOX25. 

SmartCard reader with power supply and RS232 

interface cable: 

Type: Philips/Control Data Laserdrive 510 DT 

For this system implementation, software was 
used developed by Netplus (©1989). The software 
is developed in C, Pascal and Assembler. 

In the computer system, data and documents 
in encrypted and not encrypted form were further- 
more exchanged between a Minitel terminal of the 
type shown in fig. 4 with the reference numeral 406 
antf a computer system of the above described 
type in accordance with the principles of the inven- 
tion, by means of the LECAM protocol developed 
by FRANCE TELECOM (©December 1987 - 
FRANCE TELECOM - TELETEL). 



A detailed system and software specification 
will be described below concerning both data trans- 
fer from the first computer system to the second 
computer system, e.g. from the computer system 
5 100 to the computer system 200, and data transfer 
to and from a Minitel computer 406 to and from the 
computer system 4O0, respectively. 



10 System and software description: 

The system has an interface to a large sur- 
rounding world, which is not under control under all 
circumstances. This implies that it must be ensured 

75 that unauthorized persons do not get unauthorized 
access to or insight into the system. Below, the 
security of the system is described and the re- 
quirements which are furthermore made to the sys- 
tem, so that this can be of practical use. 

20 There are security systems which are impos- 
sible to break, but which are useless in practice, 
but also security systems which are commercially 
available and appear to be of practical use, but 
which unfortunately are also easy to break. 

25 A number of security requirements which the 
system fulfils will be described now: 

1. Large key room 

2. No real or statistical possibility of finding a 
key on the basis of clear text and crypto text 

so 3. No clear text in crypto text 

4. Stratified structure of the transmission net- 
work 

Re 1. The number of keys must -be so large 
that it is not practically possible to find the right 

35 key by exhaustive search. It must be required that 
two different keys encrypt the same clear text into 
different crypto texts. Exactly how large the key 
room must be, naturally also depends on the re- 
sources which are available to a potential "enemy". 

40 For the transactions mentioned in this system, 56 
bits as* in DES are sufficient, as it oa average will 
take at least 4 months to decipher a crypto text 
with the fastest available computer power. As a 
new key is used for each transmission, it will be 

45 practically impossible to obtain full insight 

Re 2. Even though many coherent clear text 
messages and corresponding crypto text messages 
are known, it must not be possible to determine the 
applied key on the basis of this. 

so Re 3. In the crypto text there must be no 
statistical significant trace of the clear text If there 
is no such trace, the "enemy's" only weapon is 
exhaustive search, if only the crypto text is avail- 
able. 

55 Re 4. The interface specifications for the trans- 
mission network via which the encrypted data or 
text has to be transmitted, normally also prescribe 
transmission of operational control information 
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which should of course not be encrypted similar to 
address fields and the like for the data mentioned. 
Problems may arise, if the interfacing means does 
not -have a stratified structure or if it is not quite 
dear at which level the encryption is to take place. 

Use of chip cards and the DES algorithm pro- 
vides a solution in which 

1. the size of the key room is sufficient 
especially as different keys are used for different 
transfers, and the key for exchange of encryption 
key is safely hidden in the chip card, 

2. it has no practical value to find a key on 
the basis of both clear text and crypto text, as this 
key is only used for one transmission, and 

3. DES encryption of the documents ensures 
that there is no clear text in the crypto texts. 

When using chip card and DES algorithm in 
this way, the public X25 network as well as a 
teletel videotex network are used. Both these net- 
works facilitate a transparent transfer of encrypted 
text There are various protocols for transfer, which 
are followed in connection with the document trans- 
fer. For the videotex network, the LECAM protocol 
is used. 



Symmetrical/asymmetrical systems 

Wherever possible, simple methods are used 
for securing data, however, without reducing the 
security. Accordingly a symmetrical system (e.g. 
DES) is preferred to an asymmetrical system (e.g. 
RSA), as an asymmetrical system,, such as RSA 
requires far more computer power than a symmet- 
rical system, such as DES. A symmetrical system, 
such as DES, on the other hand, requires greater 
security concerning keys. (Concerning DES and 
RSA see above). 

1. Symmetrical crypto systems 

2. Asymmetrical crypto systems 

3. Speeds 

Re 1. A symmetrical crypto system is char- 
acterized in that the same key is used for encryp- 
tion and decryption. A much used and safe al- 
gorithm for this use is the DES algorithm. 

The DES algorithm (Data Encryption Standard) 
was developed by IBM in cooperation with the 
National Bureau of Standards NBS) and published 
in 1977. DES is only used for civilian encryption 
and is today the most widespread crypto system. 
In particular, DES is very much used within the 
banking world, also in the "DANKORT-system. 

In the DES algorithm, encryption is made in 
blocks of 64 bits by means of a key of 56 bits. 
First, the 64 bits to be encrypted are subjected to a 
permutation, which serves to mix the bits, as input 
in the typical application consists of 8 bytes. Fol- 
lowing this, 16 Iterated encryptions are made by 



means of various keys, derived from the chosen 
key and the clear text, as the 64 bits before each 
iteration have been divided into a left-hand side U 
and a right-hand side Ri, each consisting of 32 bits. 

5 In the i + 1st iteration Ri is transferred as the next 
left-hand side Li + 1, and the new right-hand side 
Ri + 1 is produced as XOR of Li and 32 other bits, 
which appears as a complex, but completely de- 
scribed function of Ri and Ki + 1, where Ki + 1 is a 

10 key of 48 bits, which is derived from the chosen 
key of 56 bits. 

The function itself can be described as follows: 
the 32 bits in Ri are changed to 48 bits by bit- 
shifting and are then permuted. XOR of Ki + 1 is 

is generated. The resulting 48 bits are counted 6 at a 
time in 8 families, which by means of S-boxes are 
converted to 8 families with only 4 bit in each, so 
that 32 bits are delivered. After a fixed permutation 
of these, the above 32 bits are found. 

20 After 16 iterations, the 64 bits are permuted 
with the inverse permutation of the initial one. This 
is necessary to ensure that the subsequent decryp- 
tion of the crypto text can be made by simply 
performing the DES-algorithm again, but with the 

25 16 derived keys in inverse order. 

Re 2. The difference between a symmetrical 
crypto system and an asymmetrical crypto system 
is that it is not possible in an asymmetrical system 
by way of calculation to find the decryption key, 

30 even though the encryption key is known, and vice 
versa. 

Instead of "encryption" and "decryption" it is 
therefore more correct to speak of a secret trans- 
formation key SK (Secret Key) and a public trans- 

35 formation key PK (Public Key). In particular, it is 
required for all messages, X that 
PK(SK(X) - X and SK(PK(X) — X 

An asymmetrical crypto system can be used 
for both concealment and authenticity, and even for 

40 generation of digital signatures. It must, however, 
be pointed out that for each individual user A who 
chooses a key or rather a pair of keys (PA, SA), A 
can use SA for receipt of secret messages as well 
as for his own digital signature and other persons' 

45 public keys to send concealed messages. In return, 
other persons can use A's public key to send 
concealed messages to A 

One of the best known asymmetrical crypto 
systems is the RSA crypto system (named after 

so the fathers of the system: Rivest, Shamir and Adel- 
man). It is based on experiences which mathemati- 
cians have obtained over several thousand years 
concerning prime numbers. It is relatively easy to 
decide whether a specific, chosen number n is a 

55 prime number or not, but if it turns out that it is not 
a prime number, the difficulties of finding the prime 
number divisors increase exponentially with the 
magnitude of the number. Even when using all the 
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artifices which mathematicians have developed in 
the course of time, it has not been possible to find 
a simple way of deducing the prime number di- 
visors. There are extremely many numbers of hun- 
dred digits or less (the limit today is about 90), 
which are practically impossible to resolve into 
prime factors. 

In the RSA crypto system, the origin is two 
randomly chosen prime numbers p and q of ap- 
prox. 100 digits each. These prime numbers must 
be strong prime numbers, which have the effect 
that it by means of known methods will take billions 
of years to find the divisors in n on the basis of n 
= pq (p and q are kept secret). It is necessary that 
these properties are available because of the secu- 
rity of the system. Then a number e is chosen, 
which must be prime with (p-1)(q-1). Knowing p 
and q it is possible to find another number d with 
the following properties: 

Given a random number m less than n, the 
remainder of m d e (i.e. m multiplied by itself (d 
multiplied by e) times) by subsequent division of 
integers with n, will again give the number m. 

It is possible in several ways to divide mes- 
sages into blocks, which can be represented 
uniquely as numbers between 1 and n r e.g. by 
means of ASCII codes. A clear text m, represented 
in this way, is thereafter encrypted as 
c=m* modulus n, 

i.e. the remainder of m multiplied by itself e times, 
by subsequent division of integers with n. 

Decryption of c is made by calculating 
c d modulus n 

which according to the above is equal to m. 

The pair of numbers (e, n) can, of course, be 
used to specify a public key, viz. the key 
P(m)=m fi modulus n, 

whereas the pair of numbers (d, n) specifies the 
secret key 
SfxJ^x* 1 modulus n, 

(it is only d, which must be kept secret together 
with p and q). 

Hereby a public key system results. 

Re 3. An important requirement for crypto sys- 
tems is often that a certain speed is guaranteed. 
Hardware equipment where the algorithm is stored 
in a specially designed chip, operates with far 
greater speed than software equipment. It may be 
a question of a factor of hundred or more, depend- 
ing on the equipment 

As an example it is to be mentioned that DES 
in software in e.g. equipment with an INTEL 8086 
processor and a clock frequency of 4,7 MHz en- 
crypts at a speed of approx. a few thousand bits 
per second (there is a possibility of considerable 
variations depending on the implementation). 

As regards software implementation of RSA the 
fastest 32 bit chips today, e.g. MOTOROLA 68030, 



with a clock frequency of 20 MHz, will produce an 
RSA block encryption of 512 bits in approx. 4. sec. 
and a decryption in approx. 1 sec. (by means of a 
minor mathematical artifice). By means of so-called 

s "digital signal processing" chips, this can be re- 
duced even further, presumably to 1 sec. or less 
for an encryption. 

On the market today "black boxes" are avail- 
able containing encryption chips, which can make 

w an encryption with a high security level. One of 
these is a so-called SCP-box which in addition to 
being a Chipcard reader with keyboard for PIN- 
code control also comprises a display, a relatively 
fast CPU, 128 Kb RAM and the DES as well as 

75 RSA algorithms. The box is designed in such a 
way that it destroys itself when it is attempted to 
gain physical access to the electronics, i.e. it is so- 
called "tamper-proof" box. It has an encryption 
capacity of about 40,000 bytes per minute with the 

20 DES algorithm. By using this box the ability of the 
Chip card to store keys is used to ensure au- 
thenticity and by means of a table in the RAM 
storage in combination with the chip card, keys can 
be worked out which are unique to the individual 

25 encryption and transfer of information. 



Chip cards 

30 From a cryptotogical point of view, the explo- 
sive development of very small chips has facilitated 
a very interesting development viz. the chip card. 
This card has the same shape and size as a 
magnetic card, but contains furthermore as men- 

35 tioned above a small processor and a small storage 
(typically 1-2 kbyte), which may e.g. be of the type 
EEPROM (Electrically Eraseable Programmable 
Read Only Memory), so that both input and output 
access can be obtained via a card reader. 

40 Such a card is particularly suitable for storage 
of e.g. a secret key. It is furthermore possible to 
protect this key efficiently by an encryption con- 
trolled by a PIN code, and by securing the key so 
that it cannot be read from the card, but only be 

45 used for encryption and decryption. It is also possi- 
' ble to let the card destroy itself (logically) if a 
wrong PIN code is used more than e.g. three 
times, and to give it a definite lifetime (a certain 
number of applications). 

so 

Detailed description of chip cards 

The chip card contains a micro processor, data 
55 and program storage and an I/O gate, secret in- 
formation and protected information being hidden 
or stored in a data. memory. As the I/O gate is 
controlled by the micro processor, all reading of 
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information is controlled by the micro processor. 
Reading of secret data is not possible and reading 
of protected data is only possible after positive 
validation of the PIN code of the card. With correct 
PIN code it is possible to encrypt and decrypt data 
and to generate temporary keys. For encryption 
and decryption, the Data Encryption Standard 
(DES) is used. In addition to the operating system 
for the micro processor the program memory also 
contains the encryption algorithm DES. This has 
the result that the card can in fact be used to 
encrypt and decrypt data, even though it is quite a 
slow process (approx. 128 bytes per second). 

The chip card in its present versions (DES 
Smart Card (Philips) and CPS Smart Card (Bull)) 
can contain up to 1024 bytes information including 
various "headers". This corresponds to 500-800 
bytes of user information, depending on the struc- 
ture of the information in the card. 

For different types of cards exist 

Batch card: this card is received together with 
the new cards and is used when personalizing 
these. 

Root card: This card is used during the per- 
sonalization to decrypt the application keys and the 
personal keys, before they are written into the chip 
card. This has the effect that the personal keys can 
be stored in a file in encrypted form and will only 
be known in the memory of the personalizing sys- 
tem during the execution of the perso nalization. 
The root card contains for each type of personal 
key a corresponding Root key. 

Rehabilitation card: Is used when rehabilitating 
a Transaction card. 

Transaction card: This is the card which is 
handed out to the users. It is used to store and 
protect personal keys and for generation of tem- 
porary keys for access control and encryption and 
decryption. 

The lifetime of the chip card is divided into 
different phases: 

1. Pre-personalization 

2. Personalization 

3. Active 

4. End-of-life 

5. Rehabilitation 



Re 1. Pre-personalization 

In this phase the card is empty apart from 
production information. The only information con- 
tained in the card at this time is a production key 
and information as to which "batch" the card be- 
longs to. In order to obtain access to the memory 
of the card, it is necessary to know or gain access 
to the production key, which can only be obtained 
by having in one's possession the so-called Batch 



card which belongs to this particular "batch". 

This ensures that only the holder of the Batch 
card can personalize cards and that the batch card 
holder only can personalize cards belonging to the 
s "batch" in question. 



Re 2. Personalization 

io When the production key is presented to the 
chip card, it is possible to input information into the 
memory. Information can e.g. be secret keys, DES 
identification, the names of the card holder and the 
card issuer, etc. When this phase is over, the card 

15 enters its active phase. 



Re 3. Active 

20 In this phase, the card is used by a user for 
encryption and decryption and for generating tem- 
porary keys. 

The card can be used .until one of three situ- 
ations appear. 

25 a) The card is invalidated by an end-of-life 

instruction. 

b) One the control zones of the card is full. 
The card contains three special zones: production 
key control zone, application key control zone and 

30 PIN control zone. In the first two zones a bit will be 
placed when an error has been made when pre- 
senting a key. In the last zone a bit is placed, each 
time a check is made for .the PIN code. If the last 
zone runs full, the card enters the end-of-life 

35 phase. This will happen after a maximum of 6000 
presentations of the PIN code. The contents of this 
zone are reduced when user information and ser- 
vice keys are input into the card. 

c) Three consecutive incorrect PIN code in- 
40 puts cause the card to be locked. The card can be 

opened again by rehabilitation. 



Re 4 End of life 

45 

In this phase, the card cannot be used. Hie 
card can be rehabilitated, if incorrect PIN code has 
been used. 

50 

Re 5. Rehabilitation 

The card can be rehabilitated if the card holder 
still remembers the correct PIN code, otherwise 
55 not Rehabilitation should be made by the card 
issuer and card holder jointly. In order to rehabili- 
tate a chip card, a card is used which is specially 
designed for this purpose, viz. the rehabilitation 
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card. 

The design of the chip card provides a pos- 
sibility of storing keys protected by PIN code, 
possibly encrypted and dedicated use of the keys 
(e.g. only decryption). At the same time the input- 
ting of information and keys in a chip card depends 
on whether you have access to both the Root card 
and the Batch card, i.e. that only specific persons 
have access to input keys/information. 



Administration of keys 

One of the largest problems in connection with 
a crypto system of practical use is the actual 
handling of keys, as the keys are the "interface" of 
the system towards the users and constitute the 
weakest link of a system. 

When a user is to have a key handed out or 
registered, it must be possible to identify him in a 
satisfactory way. The key is kept on a chip card, 
which can be allotted a definite lifetime, and which, 
as mentioned above, also destroys itself, when a 
wrong PIN code has been used three times. 

The more a key is used, the greater the risk for 
the key becoming known. It is therefore necessary 
to change the key at frequent intervals. As the 
number of users becomes large, and arbitrary us- 
ers must communicate with each other in encryp- 
ted form, the users are equipped with keys which 
are not used for data and file encryption, but only 
for exchange of the real encryption keys. 

An administration is created around . the secu- 
rity system and the handling of the keys, which 

a) ensures that the used keys are kept se- 
cret, 

b) ensures a possibility of being able to 
recreate used secret keys and provides a possibil- 
ity of verifying that a certain key has been used for 
a specific purpose, 

c) gives a simple and safe allocation of keys, 

and 

d) prevents swindling with the allocation of 
chip cards by a stable and hermetic procedure. 

The procedures for setting up the keys in con- 
nection with a chip card comprise: 

1 . Generation of keys 

2. Inputting keys and desired information into 
chip cards 

3. Distribution of cards 

4. Renewal/withdrawal of cards 



Re 1. Generation of cards 

The keys for inputting information into the chip 
card are generated in such a way that they are 
both different and generated from random num- 



bers. Accordingly, it is not possible to predict or 
guess the value of a key. In order to start the 
program for generating keys, a chip card must be 
presented (secured by a PIN code). The keys 
5 generated are stored in encrypted form in a file by 
means of this card. 



Re 2. Inputting keys and desired information into 
w the chip card 

The data (keys and possible information) which 
are to be input into the cards, as provided by an 
application from the file in which they were ar- 

75 ranged previously. The application sees to it that 
this data can only be transferred from the encryp- 
ted file to a chip card by two different persons with 
two different chip cards each having its own PIN 
code. The first card is a card which has been 

20 alloted to the card issuer and the contents of which 
are known exclusively by the manufacturer produc- 
ing the "empty" chip cards. The second card is a 
card which follows the batch of cards being pre- 
pared. Accordingly, the person(s) generating the 

25 keys and the information has/have no possibility of 
inputting the keys and the information into the chip 
cards. On the other hand, the person(s) inputting 
the data into the chip cards has/have no possibility 
of learning what is being input into the cards. When 

30 the cards are being prepared, a logging to an 
encrypted file will be carried out. This file will be 
error tolerant and the mirror of an alternative phys- 
ical position. The file will be secured by means of 
an appropriate security routine. 

35 

Re 3. Distribution of cards 

Traditionally, the cards are issued to the users 
40 in batches. The card is sent separately and the PIN 
code is sent separately. The PIN code is sent or 
delivered after accept of receipt of the card. 



45 Re 4. Renewal/withdrawal of cards 

When a card has run out for one reason or 
another, it must be returned to the card issuer as 
far as possible. The card issuer destroys it and 

50 possibly issues a new card to replace the old card. 
For security reasons ft is preferred that when 
changing cards, a new card is produced which is 
different in terms of the input keys from the card 
which has run out ff a user ceases to use the chip 

55 card, the card must be returned to the card issuer. 
Under all circumstances the card is blocked elec- 
tronically. A possibility of blocking the card at the 
first presentation after the blocking can be input 
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Observation of these precautions ensures 
that one person alone cannot produce a chip card, 
that only the card issuer can input information and 
keys, 

that keys can be produced at any time for verifica- 
tion of the use of a card which has run out and that 
the right user gets possession of the cards without 
any risk that the card is used by unauthorized 
persons. 



Authenticity 

The authenticity, Le. security that the parties 
involved, transmittetfreceiver are who they pretend 
to be, can be ensured in various ways, depending 
on whether the system is 

1. a symmetrical system or 

2. an asymmetrical system 



Re 1. Symmetrical crypto system 

In order to ensure that a transmitter (A) and a 
receiver (B) are who they pretend to be, A sends a 
number in encrypted form to B, and B verifies that 
the number comes from A. Then B sends a com- 
bination of a part of the number which B received 
from A, together with a number generated by B in 
encrypted form to A. A can hereafter verify that the 
combination has come from B, and at the same 
time A can check the part of the number which was 
generated by A. A now encrypts the number which 
A received from B and sends it back to B, who 
after verification can see that B has received the 
same combination as B sent to A. Below, it is 
outlined how a chip card can be used to ensure 
authenticity. When using the symmetrical crypto 
system a faint risk must be anticipated of a key 
being broken and data being read by third parties. 
This risk arises if a former member of the system 
with a thorough knowledge of the type of initial 
exchange of messages is in possession of a valid 
chip card and if this member taps the connection 
between transmitter and receiver and is in posses- 
sion of the used crypto program. 

Such a person will be able to decrypt the 
documents which are exchanged, encrypted with 
the described key in the transmission in question. 
However, It will not be possible to change the 
contents of the document and a renewed decipher- 
ing will also have to be made when tapping the 
next document transfer, as a new key is used for 
this transfer. 

In the system according to the invention, a chip 
card reader 122, 222 and 426, respectively, is 
connected to each computer system or each host, 
the computer systems 100, 200 and 400. 



The two computer systems constituting trans- 
mitter and receiver, the computer systems 100 and 
200, respectively, shown in fig. 1-4, are equipped 
with authorized chip cards and are authorized to 
5 use these. 

Each card 122 and 222 has two service zones 
for this purpose: 

A service zone with a "Verification key" <Vk) which 

is used to verify that the encryption which the 
to opposite party has used is correct. 

A service zone with a "Signature key" (Sk) which is 

used for encryption of the communication. 

Vk can only be used for decryption and Sk can 

only be used for encryption. 
is In the procedure shown in fig. 5, the following 

abbreviations are used: 

VkA : Verification key for A or the computer system 
100 

SkA : Signature key for A or the computer system 
20 100 

VkN : Verification key for B or the computer sys- 
tem 200 

SkB : Signature key for B or the computer system 
200 

25 E : Encryption 
D : Decryption 

R1, R2, R2: Random numbers 
M1, M2, M3: Transferred messages 
IdA : The publicly known identification for A or the 
so computer system 100 

IdB : The publicly known identification for B or the 
computer system 200 

The procedure appears from fig. 5. 

35 

Re 2. Asymmetrical crypto system 

The authenticity verification described above 
with reference to fig. 5 is solely based on the 

40 application of an encryption system based on DES, 
but for the sake of completeness, the asymmetrical 
system is briefly described below. 

If A or the computer 100 is to send a clear text 
M, which is to be kept secret when being transmit- 

45 ted, to B or the computer system 200, A uses B's 
public key PB, which B has made public to every- 
one, and sends 
PB(M) -*C 

Only B can decrypt, as only B knows his 
so private key and SB(C)-*M. 

If A is to send a clear text X to B in encrypted 
form in such a way that B can check that the 
message comes from A, A sends 
SA(X)-*Y. 

55 B then tries with A*s public key PA and finds 
PA(Y)-Y 

If X is meaningful, then SA must have been 
used, as only A can encrypt in such a way that PA 
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can decrypt into anything meaningful. It should.be 
noted that authenticity is only ensured the first time 
the message X is signed. In practice therefore, 
such a message must be unique, e.g. by indicating 
the time of the day. 

Both properties can be obtained in the follow- 
ing way: 

If A wishes to send M to B, so that B is sure 
that the message comes from A at the same time 
ensuring that only B of all people can decrypt the 
message, A sends 
PB(SA(M)-€. 

The only way in which M can be deduced as 
follows: 
PA(SB(C))-M 



Integrity 

The integrity ensures that data is not changed 
during or after a concluded transmission. This is 
ensured by calculating the transmitter's (A) signa- 
ture and the receiver's (B) signature, adding these 
to the document and having both A and B verify 
these signatures. With the DES algorithm, signa- 
tures are produced which can be encrypted and 
verified by means of chip card: 

In the system according to the invention, a chip 
card reader is connected to each computer system 
or each host The two computer systems constitut- 
ing transmitter and receiver, 100 and 200 respec- 
tively, shown in fig. 1-4, are equipped with au- 
thorized chip cards and are authorized to use 
these. 

For this purpose, each card has three service 
zones: 

- A service zone with a so-called "Verification key" 
(Vk), which is used for verifying the signature which 
the opposite party has added to the document. 

- A service zone with a "Signature key" (Sk) which 
is used to encrypt the signature. 

- A service zone with a "Compression key" (Ck) 
which is used to produce the signature (MAC). 

Vk can only be used for decryption and Sk can 
only be used for encryption. Ck is identical in alt 
chip cards and can be used for compacting the 
document to the signature. 

In the procedure shown in fig. 6, the following 
abbreviations are used: 

VkA: Verification key for A or the computer system 
100 

SkA: Signature key for A or the computer system 
100 

MacA: The compacted document seen from A's 
side 

EmacA: The encrypted MacA 

VkB: Verification key for B or the computer system 

200 



SkB: Signature key for B or the computer system 
200 

MacB: The compacted document seen from B*s 
.side 

s EmacB: The encrypted MacB 
Ck: Compression key 
E: Encryption 
D: Decryption 
C: Compression 

io R1: Random numbers exchanged previously 
M1 , M2, M3: Transferred messages 
IdA: The publicly known identification for A 
IdB: The publicly known identification for B 
The procedure appears from fig. 6 

75 The integrity is ensured as both transmitter and 
receiver are certain that (have a possibility of 
checking) that the document has not been changed 
before or after the transmission without possible 
changes being unambiguously ascertainable. The 

20 function *A2 is built up in such a way that the chip 
card can produce a key by means of a publicly 
known identification which can decrypt the encryp- 
ted B/Mac and thus provide a basis for checking 
that the Mac which is added to the document is 

25 valid, i.e. calculated oh the basis of the document 
received by the expected transmitter. The same 
applies in the opposite direction to the function *B2. 

It is important that the Mac's produced are 
hidden In the document, as they are the unique 

30 signatures of the parties. 

Security of access to the videotex system is 
shown in fig. 4 

This security is ensured by using chip cards 
for automatic log-on to the videotex system: 

35 1. Automatic presentation of identification 

and password 

2. Encryption of communication between ter- 
minal and videotex server 

2. Security in the videotex server as regards 

40 the individual user's access to the individual mail 
boxes and the applications of the system. 

Re 1. Automatic presentation of identification and 
46 password 

A chip card reader 422 of the type LECAM 
connected to a Minitel 409 has an intelligence 
which has the effect that it reads in a certain 

so position on the card searching for data for an 
automatized dialling. When the dialling has been 
made, the application which is running on the 
videotex system will transfer a program to the RAM 
storage of the chip card reader. This program will 

65 then find identification and password in the card, 
ask for the PIN code to be entered and commu- 
nicate with the application on the videotex server. If 
the PIN code is stated incorrectly, the program has 
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no possibility of collecting information in the chip 
card. 



Re 2. Encryption of communication between termi- 
nal and videotex server 

The program which is transferred to the chip 
card reader, finds the key which is to be used for 
encryption, by looking up the chip card. The 
videotex application looks up a table in the host or 
the computer system 400 and finds a correspond- 
ing key. Encryption is made on the basis of this 
key for the whole communication between Minitel 
400 and Host 400. It is expedient to use this 
encryption key to encrypt the exchange of the 
randomly chosen key which is used for encryption 
of the rest of the communication, as this has the 
result that a different encryption key is used for 
each individual communication. 



Re 3. Security in the videotex server as regards the 
individual user's access to the individual mail 
boxes and the applications of the system 

The access to mail boxes, data and applica- 
tions in the videotex server is ensured by the "log- 
on" which is made on the basis of the information 
residing in the chip card. As the exchange of 
identification and password takes place in encryp- 
ted form, it will not be possible by tapping the tine 
and the terminal to reconstruct these. In other 
words, it wilt not be possible to get in contact with 
the mail boxes without possessing a chip card with 
a secret PIN code (which is only found in the card). 

After access has been obtained to the video 
tex system, it is secured that access cannot be 
obtained to a basic host computer. This is done to 
avoid that data hackers by an error in the video tex 
system can obtain access to the operating system 
of the host computer. 



Security when exchanging documents 

The security system sees to it that documents 
which are built up according to the EDIFACT stan- 
dard can be transferred securely between con- 
nected hosts. 

It is ensured 

1. that the documents can be endorsed with 
signature, 

2. that the documents cannot be forged, 

3. that the documents can only be read 
by/transferred to the person authorized, and 

4. that it is possible to produce unambiguous 
evidence in connection with a possible dispute 



Re 1. The documents can be endorsed with a 
signature 

The transmitter goes through the document or 
5 parts thereof in order to generate an abbreviated 
expression of the document (e.g. a 64 bit key). 
This expression contains at least a serial number, 
date, time and all the sensitive data. This expres- 
sion is encrypted by a chip card with a key which 
70 is found in the card and which cannot be read but 
only used for encryption or decryption in the card. 
The encrypted result (MAC = Message Authen- 
tication Code) is unique to this document and this 
transmitter, and the MAC is added to the docu- 
75 ment, whereupon it is ready for "dispatch". 



Re 2. The documents cannot be forged 

20 If changes are made in the document after the 
transfer is considered to be concluded, it will be 
possible to ascertain this, as the MAC'S which are 
included in the document can be validated, where- 
upon the document is accepted or considered as 

25 invalid. 



Re 3. The documents can only be read 
by/transferred to the authorized person 

30 

Both transmitter and receiver make sure that 
they are in contact with the right person, where- 
upon the document is encrypted by means of a 
key which is known by transmitter and receiver 
35 exclusively and which is arbitrary and only applies 
to this one transfer. 



Re 4. Possibility of producing unambiguous evi- 
40 dence in connection with a possible dispute (MAC) 

This is ensured by the card issuer's keeping 
the issued keys in a satisfactory way so that it can 
be decided at any time whether there is identity 
45 between a document and the associated MAC'S. 



EDIFACT definition 

so EDIFACT (Electronic Data Interchange For Ad- 
ministration, Commerce and Transport) is a stan- 
dardised method of electronic transfer of all busi- 
ness related documents, which have an organized 
structure. The standard - which is approved by ISO 

55 (International Standard Organization) - is meant for 
exchange of documents between computer sys- 
tems on both a domestic and a foreign level; the 
standard is therefore not dependent on language. 
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The standard does not prescribe how the actual 
network communication must be carried out; it is a 
technically independent standard. 

An ED I FACT document can be divided into 
certain parts or modules, which are called seg- 5 
merits. Each segment has a specific purpose in the 
document in question, and the position of the seg- 
ment in the message is prescribed by the standard 
for the document type in question. All segments 
are identified by a 3-letter code as prescribed by 10 
the standard. A message consists of many different 
segments which together contain all the information 
which is necessary to create the document 

A segment may e.g. look like this: 
CUX+DEM:IN 15 
CUX is a segment head; CUX means type of 
currency 

+ is a data element punctuation mark 
DEM means German marks - the value can be 
anything else; arbitrarily definable as long as both 20 
transmitter and receiver agree to the meaning of 
the codes 

: is a data component punctuation mark 
IN is an abbreviation of INvoice - also arbitrarily 
definable 25 
designates the end of a segment 

The contents of a segment can be divided into 
data elements. A data element is divided into one 
or more data components. In the above example 
with the segment CUX, only one data element is ' ' 30 
found. This data element consists of 2 data compo- 
nents, viz DEM and IN. 

: is the punctuation mark separating coherent 
data components, whereas + is the separator for 
the individual data elements in a segment This 35 
technique of describing information in a document 
is general and is used in all EDI FACT segments. 

The data which follows a given segment head, 
is defined in the standard and is therefore unalter- 
able. It is, however, not all data which is compul- 40 
sory - quite a few can be omitted depending on the 
need. 

To a very large extent, codes are used in the 
individual segments. By this is meant e.g. DEM in 
the above example which means German marks. 45 

Both parties to the communication (transmitter 
and receiver) must agree to the application of 
these, as these are not covered by the standard. 



Claims 

1. A method of transferring data, an electronic 
document or the like from a first computer system 
to a second computer system via a data transmis- 55 
sion line, e.g. a public data transmission line, 
wherein for said transfer 

a first station is used for outputting data from and 



inputting data into a first electronic card, said first 
station being connected to and communicating with 
said first computer system and furthermore being 
connected to said data transmission line via said 
first computer system and interfacing means, and 
a second station is used for outputting data from 
and inputting data into a second electronic card, 
said second station being connected to and com- 
municating with said second 'computer system and 
furthermore being connected to said data transmis- 
sion line via this second computer system and 
interfacing means, 

said first and second electronic card each compris- 
ing a central data processing unit an internal stor- 
age means, an input/output gate for communication 
with said corresponding station as well as an 
encryption/decryption means and together consti- 
tuting a coherent set of cards comprising coherent 
encryption and decryption keys input into said in- 
ternal storages of said cards, 
said data or said electronic document being trans- 
ferred to said first electronic card from said first 
computer system via said first station and said 
input/output gate of said first electronic card, being 
input into and being temporarily stored in said 
internal storage of said first electronic card, 
said data or said electronic document being output 
from said internal storage of said first electronic 
card and being encrypted in said first electronic 
card by means of said encryption/decryption 
means of said first electronic card and said encryp- 
tion key(s) stored in said internal storage of said 
first electronic card, 

said data or said electronic document being output 
from said first electronic card in encrypted form via 
said input/output gate of said first electronic card 
and being transferred via said first station to said 
first computer system and being transferred there- 
from via said interfacing means of said first com- 
puter system to said data transmission line, 
said data or said electronic document being re- 
ceived by said second computer system in encryp- 
ted form via said interfacing means of said second 
computer system, being transferred to said second 
electronic card via said second station and via said 
input/output gate of said second electronic card, 
being input into and temporarily stored in said 
internal storage of said second electronic card, 
said data or said electronic document being output 
from said internal storage of said first electronic 
card in encrypted form and being decrypted in said 
second electronic card by means of said 
encryption/decryption means of said second elec- 
tronic card and said decryption key(s) stored in 
said internal storage of said second electronic card, 
and 

said data or said electronic document being output 
after decryption in said second electronic card from 
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said second electronic card and output to said 
second computer system via said input/output gate 
of said second electronic card and via said second 
station. 

2. A method according to claim 1. a verification 
of the authenticity of said first electronic card rela- 
tive to said second electronic card and vice versa 
being made prior to said transfer of said data or 
said electronic document from said first computer 
system to said second computer system. 

3. A method according to any of the preceding 
claims, at said transfer of said data or said elec- 
tronic document from said first computer system to 
said second computer system, a verification of the 
integrity of said data or said document transfer 
being made. 

4. A method according to any of the preceding 
claims, said inputting into, said outputting from, 
said encryption and said decryption and possibly 
said authenticity and integrity verification being 
controlled autonomously by said central data pro- 
cessing unit of said individual card. 

5. A method according to any of the preceding 
claims, said transfer of said data or said electronic 
document being made in accordance with the 
LECAM protocol. 

6. A method according to claim 2, said au- 
thenticity verification being made by 

a first set of data being generated in said first 
electronic card, said set of data being input into 
and stored in said internal storage of said first 
electronic card and being encrypted in said first 
electronic card by means of said 
encryption/decryption means of said first electronic . 
card and said encryption key(s) stored in said 
internal storage of said first electronic card, 
said first set of data being output from said first 
electronic card in encrypted form via said 
input/output gate of said first electronic card, being 
transferred via said first station to said first com- 
puter system and being transferred therefrom via 
said interfacing means of said first computer sys- 
tem to said data transmission line, 
said first set of data being received by said second 
computer system in encrypted form via said inter- 
facing means of said second computer system, 
being transferred to said second electronic card via 
said second station and via said input/output gate 
of said second electronic card being input into and 
temporarily stored in said internal storage of said 
second electronic card, 

said first set of data received by said second 
computer system in encrypted form being output 
from said internal storage of said second electronic 
card and being decrypted in said second electronic 
card by means of said encryption/decryption 
means of said second electronic card and said 
decryption key(s) stored in said internal storage of 



said second electronic card, 
said first set of data received by said second 
computer system in encrypted form and decrypted 
in said second electronic card being input into and 
5 stored in said interna) storage of said second elec- 
tronic card, 

a second set of data being generated in said sec- 
ond electronic card, said second set of data being 
input into and stored in said internal storage of said 

10 second electronic card, 

a first combination of said first set of data received 
by said second computer system in encrypted 
form, decrypted and stored in said internal storage 
of said second electronic card and said second set 

76 of data stored in said internal storage of said sec- 
ond electronic card being generated in said second 
electronic card, said first combination being input 
into and stored in said internal storage of said 
second electronic card, 

20 said first combination being encrypted in said sec- 
ond electronic card by means of said 
encryption/decryption means of said second elec- 
tronic card and said encryption key(s) stored in 
said internal storage of said second electronic card, 

25 said first combination being output from said sec- 
ond electronic card in encrypted form via said 
input/output gate of said second electronic card, 
being transferred via said second station to said 
second computer system and being transferred 

30 therefrom via said interfacing means of said sec- 
ond computer system to said data transmission 
line, 

said first combination being received by said first 
computer system in encrypted form via said inter- 
as facing means of said first computer system, being 
transferred to said first electronic card via said first 
station and via said input/output gate of said first 
electronic card, being input into and temporarily 
stored in said interna) storage of said first elec- 
40 tronlc card, 

said first combination received by said first com- 
puter system in encrypted form being output from 
said internal storage of said first electronic card 
and being decrypted in said first electronic card by 
45 means of encryption/decryption means of said first 
• electronic card and said decryption key(s) stored in 
said internal storage of said first electronic card, 
said first combination received by said first com- 
puter system in encrypted form and decrypted in 
so said first electronic card being input into and stored 
in said internal storage of said first electronic card, 
said first combination stored in said internal storage 
of said first electronic card being decombined for 
producing a first set of data retransmitted to said 
55 first electronic card and a second set of data trans- 
ferred to said first electronic card, 
said first set of data retransmitted to said first 
electronic card and said second set of data trans- 
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ferred to said first electronic card being input into 
and stored in said internal storage of said first 
electronic card, 

said first set of data stored in said internal storage 
of said first electronic card being compared to said 5 
first set of data re transmitted to said first elec- 
tronic card and stored in said internal storage of 
said first electronic card for verification of identity 
between these sets of data for verification of the 
authenticity of said second electronic card relative w 
to said first electronic card, 
a third set of data being generated in said first 
electronic card, said third set of data being input 
into and stored in said internal storage of said first 
electronic card, is 
a second combination of said second set of data 
received in encrypted form by said first computer 
system, decrypted and stored in said internal stor- 
age of said first electronic card and said third set of 
data stored in said internal storage of said first 20 
electronic card being generated in said first elec- 
tronic card, said second combination being input 
into and stored in said internal storage of said first 
electronic card, 

said second combination being encrypted in said 25 
first electronic card by means of said 
encryption/decryption means of said first electronic 
card and said encryption key(s) stored in said 
internal storage of said first electronic card, 
said second combination being output from said so 
first electronic card in encrypted form via said 
inputfoutput gate of said first electronic card, being 
transferred via said first station to said first com- 
puter system and being transferred therefrom via 
said interfacing means of said first computer sys- 35 
tern to said data transmission line, 
said second combination being received by said 
second computer system in encrypted form via 
said interfacing means of said second computer 
system, being transferred to said second electronic 40 
card via said second station and via said 
input/output gate of said second electronic card, 
being input into and temporarily stored in said 
internal storage of said second electronic card, 
said second combination received by said second . 45 
computer system in encrypted form being output 
from said internal storage of said second electronic 
card and being decrypted in said second electronic 
card by means of said encryption/decryption 
means of said second electronic card and said so 
decryption key(s) stored in said internal storage of 
said second electronic card, 
said second combination received by said second 
computer system in encrypted form and decrypted 
being input into and stored in said internal storage 65 
of said second electronic card, 
said second combination stored in said internal 
storage of said second electronic card being de-' 



combined for producing a second set of data re- 
transmitted to said second electronic card and third 
set of data transferred to said second electronic 
card, 

said second set of data retransmitted to said sec- 
ond electronic card and said third set of data 
transferred to said second electronic card being 
input into and stored in said internal storage of said 
second electronic card, and 
said second set of data stored in said internal 
storage of said second electronic card being com- 
pared to second set of data retransmitted to said 
second electronic card and stored in said internal 
storage of said second electronic card for verifica- 
tion of identity between these sets of data for 
verification of the authenticity of said first electronic 
card relative to said second electronic card. 

7. A method according to claim 3, said integrity 
verification being made by 
a compacted version of said data or said electronic 
document being generated in said first computer 
system or said first electronic card, said com- 
pacted version being input into and stored in said 
internal storage of said first electronic card, 
a compacted version of said data transferred to 
said second computer system or of said electronic 
document transferred to said second computer 
system being generated in said second computer 
system or in said second electronic card, said 
compacted version being input into and stored in 
said internal storage of said second electronic card, 
said compacted version stored in said internal stor- 
age of said first electronic card being output from 
said internal storage of said first electronic card 
and encrypted in said first electronic card by 
means of said encryption/decryption means of said 
first electronic card and said encryption key(s) 
stored in said internal storage of said first elec- 
tronic card, 

said compacted data or document version encryp- 
ted by said encryption/decryption means of said 
first electronic card being output from said first 
electronic card via said input/output gate of said 
first electronic card, being transferred via said first 
station to said first computer system and being 
transferred therefrom via said interfacing means of 
said first computer system to said data transmis- 
sion line, 

said encrypted and compacted data or document 
version transferred from said first computer system 
being received by said second computer system 
via said interfacing means of said second computer 
system, being transferred to said second electronic 
card via said second station and via said 
input/output gate of said second electronic card, 
being input into and temporarily stored in said 
internal storage of said second electronic card, 
said compacted data or document version received 
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by said second computer system in encrypted 
form being output from said internal storage of said 
second electronic card and being decrypted in said 
second electronic card by means of said 
encryption/decryption means of said second elec- 
tronic card and said decryption key(s) stored in 
said internal storage of said second electronic card, 
said decrypted, compacted data or document ver- 
sion received by said second computer system in 
encrypted form and decrypted by said second 
electronic card being input into and stored in said 
internal storage of said second electronic card, 
a comparison of said compacted data or document 
version stored in said second electronic card and 
said decrypted, compacted data or document ver- 
sion received by said second computer system in 
encrypted form and decrypted being made In said 
second electronic card for verification of the integ- 
rity of or identity between said data transferred 
from said first computer system and said data 
received by said second computer system or of 
the integrity of or identity between said electronic 
document transferred from said first computer sys- 
tem and said electronic document received by said 
second computer system. 

8. A method according to claim 3, said integrity 
verification being made by 
a compacted version of said data or said electronic 
document being generated in said first computer 
system or in said first electronic card, said com- 
pacted version being input into and stored in said 
internal storage of said first electronic card, 
a compacted version of said data transferred to 
said second computer, system or said electronic 
document transferred to said second computer 
system being generated in said second computer 
system or in said second electronic card, said 
compacted version being input into and stored in 
said internal storage of said second electronic card, 
said compacted version stored in said internal stor- 
age of said second electronic card being output 
from said internal storage of said second electronic 
card and encrypted in said second electronic card 
by means of said encryption/decryption means of 
said second electronic card or said encryption key- 
(s) stored in said internal storage of said second 
electronic card, 

said compacted data or document version encryp- 
ted by said encryption/decryption means of said 
second electronic card being output from said sec- 
ond electronic card via said input/output gate of 
said second electronic card, being transferred via 
said second station to said second computer sys- 
tem and being transferred therefrom via said inter- 
facing means of said second computer system to 
said data transmission line, 
said encrypted and compacted data or document 
version transferred from said second computer 



system being received by said first computer sys- 
tem via said interfacing means of said first com- 
puter system, being transferred to said first elec- 
tronic card via said first station and via said 

5 input/output gate of said first electronic card, being 
input into and temporarily stored in said internal 
storage of said first electronic card, 
said compacted data or document version received 
by said first computer system in encrypted form 

10 being output from said internal storage of said first 
electronic card and being decrypted in said first 
electronic card by means of said 
encryption/decryption means of said first electronic 
card and said decryption key(s) stored in said 

75 internal storage of said first electronic card, 

said decrypted, compacted data or document ver- 
sion received by said first computer system in 
encrypted form and decrypted by said first elec- 
tronic card being input into and stored in said 

20 internal storage of said first electronic card, 

a comparison of said compacted data or document 
version stored in said first electronic card and said 
decrypted, compacted data or document version 
received by said first computer system in encryp- 

25 ted form and decrypted being made in said first 
electronic card for verification of the integrity of or 
identity between said data transferred from said 
first computer system and said data received by 
said second computer system or of the integrity of 

so or identity between said electronic document trans- 
ferred from said first computer system and said 
electronic document received by said second com- 
puter system. 

9. A method according to claims 6 and 7, 
35 wherein a transfer of a compacted data or docu- 
ment version from said first electronic card to said 
second electronic card as well as from said second 
electronic card to said first electronic card and a 
comparison of both transferred, compacted data or 

40 document versions and stored, compacted data or 
document versions in said two electronic cards are 
made for said integrity verification. 

10. A method according to claim 6 or 8, said 
transfer of said compacted data or document ver- 

45 sion generated in said first computer system or in 
said first electronic card from said first electronic 
card to said second electronic card being made 
simultaneously with said transfer of said data or 
said electronic document itself, said data or elec- 

50 tronic document and said compacted data or docu- 
ment version being combined and encrypted as a 
whole before said transfer. 

11. A method according to claim 7 or 8, said 
transfer of said compacted data or document ver- 

55 sion generated in said second computer system or 
in said second electronic card from said second 
electronic card to said first electronic card being 
made simultaneously with a retransmission of said 
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data or said electronic document received from 
said first electronic card from said second elec- 
tronic card to said first electronic card, said data or 
electronic document to be retransmitted and said 
compacted data or document version being com- 
bined and encrypted as a whole before said trans- 
fer. 

12. A method according to claims 9 and 10, 
wherein a simultaneous retransmission of said 
compacted data or document version received by 
said second electronic card and generated in said 
first computer system or in said first electronic card 
is made at said transfer of said compacted data or 
document version generated in said second com- 
puter system or in said second electronic card and 
said retransmission of said data or said electronic 
document from said second electronic card, both 
compacted data or document versions and said 
data or said electronic document to be retransmit- 
ted being combined and encrypted as a whole 
before said transfer. 

13. A method of transferring data, an electronic 
document or the like from a first computer system 
to a second computer system via a data transmis- 
sion line, e.g. a public data transmission line, 
wherein for said transfer 

a first station is used, which is secured against 
illegal entry, i.e. a so-called "tamper-proof" station, 
for outputting data from and inputting data into 
a first card, said first station being connected to 
and communicating with said first computer system 
and furthermore being connected to said data 
transmission line via said first computer system 
and interfacing means, and said first station having 
a central processing unit an internal storage, an 
input/output means for outputting data from and 
inputting data into said first card as well as an 
encryption/decryption means, and 
a second station is used, which is secured against 
illegal entry, i.e. a so-called *tamper-proof n station, 
for outputting data from and inputting data into a 
second card, said second station being connected 
to and communicating with said second computer 
system and furthermore being connected to said 
data transmission line via said second computer 
system and interfacing means, and said second 
station having a centra) data processing unit, an 
internal storage, an input/output means for output- 
ting data from and inputting data into said second 
card as well as an encryption/decryption means 
said first and second card constituting a coherent 
set of cards comprising coherent data input into 
said cards concerning said coherent 
encryption/decryption keys stored in said internal 
storages of said corresponding stations, 
said data or said electronic document being trans- 
ferred to said first station and being input Into and 
temporarily stored in said Internal storage of said 



first station, 

said data or said electronic document being output 
from said internal storage of said first station and 
being encrypted in said first station by means of 

5 said encryption/decryption means of said first sta- 
tion and said encryption key(s) stored in said inter- 
nal storage of said first station, 
said data or said electronic document being output 
from said first station to said first computer system 

70 in encrypted form and therefrom via said interfac- 
ing means of said first computer system to said 
data transmission line, 

said data or said electronic document being re- 
ceived by said second computer system in encryp- 
ts ted form via said interfacing means of said second 
computer system, being transferred to said second 
station, being input into and temporarily stored in 
said internal storage of said second station, 
said data or said electronic document received in 

20 encrypted form being decrypted in said second 
station by means of said encryption/decryption 
means of said second station and said decryption 
key(s) stored in said internal storage of said sec- 
ond station, and 

25 said data or said electronic document in said sec- 
ond station being output from said second station 
after decryption to said second computer system. 

14. A method according to claim 13, wherein a 
verification of the authenticity of said first card and 

30 said first station relative to said second card and 
said second station and vice versa is made prior to 
said transfer of said data or said electronic docu- 
ment from said first computer system to said sec- 
ond computer system 

35 15. A method according to claim 13 or 14, at 

said transfer of said data or said electronic docu- 
ment from said first computer system to said sec- 
ond computer system, a verification of the integrity 
of said data or document transfer being made. 

40 16. A method according to any of claims 13-15, 
said inputting into, said outputting from, said en- 
cryption and said decryption and possibly said 
authenticity and integrity verification being con- 
trolled autonomously by said central data process- 

45 ing unit of said individual station. 

•17. A method according to any of the claims 
13-16, said transfer of said data or said electronic 
document being made in accordance with the 
LECAM protocol. 

so 18. A method according to claim 14, said au- 
thenticity verification being made by 
a first set of data being generated in said first 
station, said set of data being input into and stored 
in said internal storage of said first station and 

55 being encrypted in said first station by means of 
said encryption/decryption means of said first sta- 
tion and said encryption key(s) stored in said inter- 
nal storage of said first station, 
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said first set of data being output from said first 
station in encrypted form via said input/output gate 
of said first station, being transferred to said first 
computer system and being transferred therefrom 
via said interfacing means of said first computer 
system to said data transmission line, 
said first set of data being received by said second 
computer system in encrypted form via said inter- 
facing means of said second computer system, 
being transferred to said second station via said 
input/output gate of said second station, being in- 
put into and temporarily stored in said internal 
storage of said second station, 
said first set of data received by said second 
computer system in encrypted form being output 
from said internal storage of said second station 
and being decrypted in s'aid second station by 
means of said encryption/decryption means of said 
second station and said decryption key(s) stored in 
said internal storage of said second station, 
said first set of data received by said second 
computer system in encrypted form and decrypted 
in said second station being input into and stored 
in said internal storage of said second station, 
a second set of data being generated in said sec- 
ond station, said second set of data being input 
into and stored in said internal storage of said 
second station, 

a first combination of said first set of data received 
by said second computer system in encrypted 
form, decrypted and stored in said internal storage 
of said second station and said second set of data 
stored in said internal storage of said second sta- 
tion being generated in said second station, said 
first combination being input into and stored in said 
internal storage of said second station, 
said first combination being encrypted in said sec- 
ond station by means of said encryption/decryption 
means of said second station and said encryption 
key(s) stored in said internal storage of said sec- 
ond station, 

said first combination being output from said sec- 
ond station in encrypted form via said input/output 
gate of said second station, being transferred to 
said second computer system and being trans- 
ferred therefrom via said interfacing means of said 
second computer system to said data transmission 
line, 

said first combination being received by said first 
computer system in encrypted form via said inter- 
facing means of said first computer system, being 
transferred to said first station via said input/output 
gate of said first station, being input into and tem- 
porarily stored in said internal storage of said first 
station, 

said first combination received by said first com- 
puter system in encrypted form being output from 
said internal storage of said first station and being 



decrypted in said first station by means of 
encryption/decryption means of said first station 
and said decryption key(s) stored in said internal 
storage of said first station, 

s said first combination received by said first com- 
puter system in encrypted form and decrypted in 
said first station being input into and stored in said 
internal storage of said first station, 
said first combination stored in said internal storage 

10 of said first station being decombined for producing 
a first set of data retransmitted to said first station 
and a second set of data transferred to said first 
station, 

said first set of data retransmitted to said first 

75 station and said second set of data transferred to 
said first station being input into and stored in said 
internal storage of said first station, 
said first set of data stored in said internal storage 
of said first station being compared to said first set 

20 of data retransmitted to said first station and stored 
in said internal storage of said first station for 
verification of identity between these sets of data 
for verification of the authenticity of said second 
card and said second station relative to said first 

25 card and said first station, 

a third set of data being generated in said first 
station, said third set of data being input into and 
stored in said internal storage of said first station, 
a second combination of said second set of data 

30 received in encrypted form by said first computer 
system, decrypted and stored in said internal stor- 
age of said first station and said third set of data 
stored in said internal storage of said first station 
being generated in said first station, said second 

35 combination being input into and stored in said 
internal storage of said first station, 
said second combination being encrypted in said 
first station by means of said encryption/decryption 
means of said first station and said encryption key- 

40 (s) stored in said internal storage of said first sta- 
tion, 

said second combination being output from said 
first station in encrypted form via said input/output 
gate of said first station, being transferred to said 

45 first computer system and being transferred there- 
from via said interfacing means of said first com- 
puter system to said data transmission fine, 
said second combination being received by said 
second computer system in encrypted form via 

so said interfacing means of said second computer 
system, being transferred to said second station via 
said input/output gate of said second station, being 
input into and temporarily stored in said internal 
storage of said second station, 

55 said second combination received by said second 
computer system in encrypted form being output 
from said internal storage of said second station 
and being decrypted in said second station by 
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means of said encryption/decryption means of said 
second station and said decryption key(s) stored in 
said internal storage of said second station, 
said second combination received by said second 
computer system in encrypted form and decrypted 
in said second station being input into and stored 
in said internal storage of said second station, 
said second combination stored in said internal 
storage of said second station being decombined 
for producing a second set of data retransmitted to 
said second station and third set of data transferred 
to said second station, 

said second set of data retransmitted to said sec- 
ond station and said third set of data transferred to 
said second station being input into and stored in 
said internal storage of said second station, and 
said second set of data stored in said internal 
storage of said second station being compared to 
second set of data retransmitted to said second 
station and stored in said internal storage of said 
second station for verification of identity between 
these sets of data for verification of the authenticity 
of said first card and said first station relative to 
said second card and said second station. 

19. A method according to claim 15, said integ- 
rity verification being made by 
a compacted version of said data or said electronic 
document being generated in said first computer 
system or said first station, said compacted version 
being input into and stored in said internal storage 
of said first station, 

a compacted version of said data transferred to 
said second computer system or of said electronic 
document transferred to said second computer 
system being generated in said second computer 
system or in said second station, said compacted 
version being input Into and stored in said internal 
storage of said second station, 
said compacted version stored in said internal stor- 
age of said first station being output from said 
internal storage of said first station and encrypted 
in said first station by means of said 
encryption/decryption means of said first station 
and said encryption key(s) stored in said internal 
storage of said first station, 
said compacted data or document version encryp- 
ted by said encryption/decryption means of said 
first station being output from said first station via 
said input/output gate of said first station,, being 
transferred to said first computer system and being 
transferred therefrom via said interfacing means of 
said first computer system to said data transmis- 
sion line, 

said encrypted and compacted data or document 
version transferred from said first computer system 
being received by said second computer system 
via said interfacing means of said second computer 
system, being transferred to said second station via 



said input/output gate of said second station, being 
input into and temporarily stored in said internal 
storage of said second station, 
said compacted data or document version received 

5 by said second computer system in encrypted 
form being output from said internal storage of said 
second station and being decrypted in said second 
station by means of said encryption/decryption 
means of said second station and said decryption 

10 key(s) stored in said internal storage of said sec- 
ond station, 

said decrypted, compacted data or document ver- 
sion received by said second computer system in 
encrypted form and decrypted by said second sta- 
ts tion being input into and stored in said internal 
storage of said second station, 
a comparison of said compacted data or document 
version stored in said second station and said 
decrypted, compacted data or document version 
20 received by said second computer system in en- 
crypted form and decrypted being made in said 
second station for verification of the integrity of or 
identity between said data transferred from said 
first computer system and said data received by 
25 said second computer system or of the integrity of 
or identity between said electronic document trans- 
ferred from said first computer system and said 
electronic document received by said second com- 
puter system. 

30 20. A method according to claim 15, said integ- 
rity verification being made by 
a compacted version of said data or said electronic 
document being generated in said first computer 
system or in said first station, said compacted 

35 version being input into and stored in said internal 
storage of said first station, 
a compacted version of said data transferred to 
said second computer system or said electronic 
document transferred to said second computer 

40 system being generated in said second computer 
system or in said second station, said compacted 
version being input into and stored in said internal 
storage of said second statiorf, 
said compacted version stored in said internal stor- 

46 age of said second station being output from said 
internal storage of said second station and encryp- 
ted in said second station by means of said 
encryption/decryption means of said second station 
or said encryption key(s) stored in said internal 

so storage of said second station, 

said compacted data or document version encryp- 
ted by said encryption/decryption means of said 
second station being output from said second sta- 
tion via said input/output gate of said second sta- 

55 tion, being transferred to said second computer 
system and being transferred therefrom via said 
interfacing means of said second computer system 
to said data transmission line, 
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said encrypted and compacted data or document 
version transferred from said second computer 
system being received by said first computer sys- 
tem via said interfacing means of said first com- 
puter system, being transferred to said first station 
via said input/output gate of said first station, being 
input into and temporarily stored in said interna) 
storage of said first station, 
said compacted data or document version received 
by said first computer system in encrypted form 
being output from said internal storage of said first 
station and being decrypted in said first station by 
means of said encryption/decryption means of said 
first station and said decryption key(s) stored in 
said internal storage of said first station, 
said decrypted, compacted data or document ver- 
sion received by said first computer system in 
encrypted form and decrypted by said first station 
being input into and stored in said internal storage 
of said first station, 

a comparison of said compacted data or document 
version stored in said first station and said decryp- 
ted, compacted data or document version received 
by said first computer system in encrypted form 
and decrypted being made in said first station for 
verification of the integrity of or identity between 
said data transferred from said first computer sys- 
tem and said data received by said second com- 
puter system or of the integrity of or identity be- 
tween said electronic document transferred from 
said first computer system and said electronic doc- 
ument received by said second computer system. 

21. A method according to claims 18 and 19, 
wherein a transfer of a compacted data or docu- 
ment version from said first station to said second 
station as well as from said second station to said 
first station and a comparison of both transferred, 
compacted data or document versions and stored, 
compacted data or document versions in said two 
stations are made for said integrity verification. 

22. A method according to claim 18 or 20, said 
transfer of said compacted data or document ver- 
sion generated in said first computer system or in 
said first station from said first station to said 
second station being made simultaneously with 
said transfer of said data or said electronic docu- 
ment itself, said data or electronic document and 
said compacted data or document version being 
combined and encrypted as a whole before said 
transfer. 

23. A method according to claim 19 or 20, said 
transfer of said compacted data or document ver- 
sion generated in said second computer system or 
in said second station from said second station to 
said first station being made simultaneously with a 
retransmission of said data or said electronic docu- 
ment received from said first station from said 
second station to said first station, said data or 



electronic document to be retransmitted and said 
compacted data or document version being com- 
bined and encrypted as a whole before said trans- 
fer. 

5 24. A method according to claims 21 and 22, 

wherein a simultaneous retransmission of said 
compacted data or document version received by 
said second station and generated in said first 
computer system or in said first station is made at 

70 said transfer of said compacted data or document 
version generated in said second computer system 
or in said second station and said retransmission of 
said data or said electronic document from said 
second station, both compacted data or document 

75 versions and said data or said electronic document 
to be retransmitted being combined and encrypted 
as a whole before said transfer. 

25. A system for said transfer of data, an 
electronic document or the like from a first com- 

20 puter system to a second computer system, which 
second computer system is autonomous in relation 
to said first computer system, via a data transmis- 
sion line, e.g. a public data transmission line, ac- 
cording to the method of any of the claims 1-12, 

25 said system comprising said first station and said 
second station, which are connected to and com- 
municate with said first and said second computer 
system, respectively, and which furthermore via 
said first and said second computer system, re- 

30 spectively, and said corre sponding interfacing 
means are connected to said data transmission 
line, as well as said first and said second electronic 
card, which constitute a coherent set of cards com- 
prising said coherent encryption/decryption keys 

35 input into said internal storages of said cards. 

26. A system according to claim 25, said first 
and said second electronic card being of the type 
DES Smart Card (Philips). Super Smart Card (Bull) 
or CP8 Smart Card (Bull). 

40 27. A system for transferring data, an electronic 
document or the like from a first computer system 
to a second computer system, which is autono- 
mous in relation to said first computer system, via 
a data transmission line, e.g. a public data trans- 

45 mission line, according to the method of any of 
claims 12-15, said system comprising said first 
station and said second station, which are con- 
nected to and communicate with said first and said 
second computer system, respectively, and which 

so furthermore via said first and said second computer 
system, respectively, and corresponding interfacing 
means being connected to said data transmission 
line, as well as said first and said second card, 
which constitute a coherent set of cards comprising 

55 said coherent data input into said cards concerning 
said coherent encryption/decryption keys stored in 
said internal storages of said corresponding sta- 
tions. 
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28. A system according to claim 27, said first 
and said second card being a magnetic card, an 
electronic card of the type DES Smart Card 
(Philips), Super Smart Card (Bull) or CP8 Smart 
Card (Bull) or a similar card. s 

29. An electronic card comprising a central 
data processing unit, an internal storage, an 
input/output gate for communication with a cor- 
responding station for outputting data from and 
inputting data into said electronic card as well as w 
an encryption/decryption means, said card con- 
stituting a first electronic card of a coherent set of 
cards comprising said first electronic card and a 
second electronic card, said electronic cards hav- 
ing coherent encryption/decryption keys and being is 
designed to be used in accordance with the meth- 
od according to any of the claims' t-1 2. 

30. An electronic card according to claim 29, 
said first and said second electronic card being of 

the type DES Smart Card (Philips), Super Smart 20 
Card (Bull) or CP8 Smart Card (Bull). 
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